www.hitdu.com Open in urlscan Pro
194.163.150.165 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.hitdu.com/
Submission: On January 19 via manual (January 19th 2023, 3:12:27 am UTC) from LK — Scanned from DE

Summary HTTP 179 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 33 IPs in 7 countries across 38 domains to perform 179 HTTP transactions. The main IP is 194.163.150.165, located in Düsseldorf, Germany and belongs to CONTABO, DE. The main domain is www.hitdu.com.
TLS certificate: Issued by R3 on December 21st 2022. Valid for: 3 months.

This is the only time www.hitdu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	194.163.150.165 194.163.150.165	51167 (CONTABO) (CONTABO)
3	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
19 19	2a04:4e42:600... 2a04:4e42:600::347	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:402... 2a00:1450:4025:401::9c	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:400d:808::2001	15169 (GOOGLE) (GOOGLE)
3	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
32	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
3 21	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
10 10	18.196.254.35 18.196.254.35	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:8218:ef5f:5750:723c	16509 (AMAZON-02) (AMAZON-02)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 3	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
5 5	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
1 2	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2606:4700:20:... 2606:4700:20::ac43:444e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 2	216.52.2.30 216.52.2.30	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	2600:9000:211... 2600:9000:211e:2e00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.103 185.86.139.103	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	185.83.142.19 185.83.142.19	29990 (ASN-APPNEX) (ASN-APPNEX)
6	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10 10	142.251.208.102 142.251.208.102	15169 (GOOGLE) (GOOGLE)
3 3	104.87.133.65 104.87.133.65	16625 (AKAMAI-AS) (AKAMAI-AS)
1	87.118.116.9 87.118.116.9	31103 (KEYWEB-AS) (KEYWEB-AS)
8 8	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
4	46.4.62.19 46.4.62.19	24940 (HETZNER-AS) (HETZNER-AS)
2	2606:4700::68... 2606:4700::6812:7e05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
179	33

24 194.163.150.165 (Düsseldorf, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi780189.contaboserver.net

www.hitdu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a04:4e42:600::347 (United States) 19 redirects

ASN54113 (FASTLY, US)

cdn.statically.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:401::9c (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:400d:808::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80a::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.250.184.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.196.254.35 (Frankfurt am Main, Germany) 10 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-254-35.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:8218:ef5f:5750:723c (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.38.120.206 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 213.19.147.44 (United Kingdom) 5 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.217.42 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.30 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:2e00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.103 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.83.142.19 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.251.208.102 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s41-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.87.133.65 (Vienna, Austria) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-87-133-65.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.118.116.9 (Germany)

ASN31103 (KEYWEB-AS, DE)
PTR: km36617.keymachine.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 84.200.5.215 (Germany) 8 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.4.62.19 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads4.sunbonet.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:7e05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	doubleclick.net 13 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 75 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 216 ad.doubleclick.net — Cisco Umbrella Rank: 192	89 KB
38	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 28836 ad4m.at — Cisco Umbrella Rank: 9591 assets.ad4m.at — Cisco Umbrella Rank: 37206	917 KB
26	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 156	316 KB
24	hitdu.com www.hitdu.com	401 KB
20	google.com 1 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1939 adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	53 KB
19	statically.io 19 redirects cdn.statically.io — Cisco Umbrella Rank: 8472	3 KB
10	bidswitch.net 10 redirects x.bidswitch.net — Cisco Umbrella Rank: 276	5 KB
6	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 82915 static-de.ad4mat.net — Cisco Umbrella Rank: 115742	11 KB
4	lead-alliance.net 4 redirects www.lead-alliance.net — Cisco Umbrella Rank: 70051	1 KB
4	telefonica-partner.de 4 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 72059	949 B
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	194 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	60 KB
3	awin1.com 3 redirects www.awin1.com — Cisco Umbrella Rank: 15193	2 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 521	2 KB
3	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 691	830 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 22 region1.google-analytics.com — Cisco Umbrella Rank: 2439	21 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	3 KB
2	conrad.de www.conrad.de — Cisco Umbrella Rank: 59631	1001 B
2	blau.de partner.blau.de — Cisco Umbrella Rank: 106543	2 KB
2	o2online.de partner.o2online.de — Cisco Umbrella Rank: 80790	3 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 413	2 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 595	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 721 r.turn.com — Cisco Umbrella Rank: 3102	869 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1223	461 B
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 954	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 728 s.tribalfusion.com — Cisco Umbrella Rank: 1773	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 702	1 KB
2	ctnsnet.com 2 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 31333	1013 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 8470	957 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	109 KB
1	congstar.de banner.congstar.de — Cisco Umbrella Rank: 89082	517 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 780	45 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 679	442 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 726	761 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1592	350 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 417	715 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 813	695 B
1	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 387	9 KB
179	38

	Domain	Requested by
24	www.hitdu.com	www.hitdu.com
21	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
19	cdn.statically.io	19 redirects
15	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
14	assets.ad4m.at	as.ad4m.at
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.hitdu.com googleads.g.doubleclick.net
12	ad4m.at	as.ad4m.at ad4m.at
12	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
11	pagead2.googlesyndication.com	www.hitdu.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
10	ad.doubleclick.net	10 redirects
10	x.bidswitch.net	10 redirects
4	www.lead-alliance.net	4 redirects
4	www.telefonica-partner.de	4 redirects
4	www.googletagservices.com	googleads.g.doubleclick.net
4	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
3	www.awin1.com	3 redirects
3	static-de.ad4mat.net	as.ad4m.at
3	sync.1rx.io	3 redirects
3	onetag-sys.com	2 redirects googleads.g.doubleclick.net
3	prod-rtb.ad4mat.net	www.hitdu.com googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	www.hitdu.com googleads.g.doubleclick.net
2	www.conrad.de	as.ad4m.at
2	partner.blau.de	as.ad4m.at
2	partner.o2online.de	as.ad4m.at
2	secure.adnxs.com	2 redirects
2	ap.lijit.com	2 redirects
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	sync.targeting.unrulymedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	gcm.ctnsnet.com	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.hitdu.com www.googletagmanager.com
1	banner.congstar.de	as.ad4m.at
1	ssbsync.smartadserver.com	googleads.g.doubleclick.net
1	s.ad.smaato.net	1 redirects
1	r.turn.com
1	ad.turn.com	1 redirects
1	p.rfihub.com	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.ampproject.org	www.hitdu.com
179	51

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
mhthemes.com

Subject Issuer	Validity	Valid
hitdu.com R3	`2022-12-21` - `2023-03-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-12-13` - `2023-03-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh

This page contains 29 frames:

Primary Page: https://www.hitdu.com/
Frame ID: 8536FA56CAB41879D2A954F201D1E46A
Requests: 60 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20190131/zrt_lookup.html
Frame ID: C90AE1210B7F061A56FD34D1563BAB7D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&adk=3826760629&adf=1341073466&lmt=1674097942&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=236x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fwww.hitdu.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097941551&bpp=2&bdt=558&idt=347&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5218503794227&frm=20&pv=2&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=747
Frame ID: A888400DFF8A2F450F56FFCD003B5B14
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=200&slotname=3467181458&adk=1881471838&adf=2181430633&pi=t.ma~as.3467181458&w=1080&fwrn=4&lmt=1674097942&rafmt=11&format=1080x200&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097941551&bpp=2&bdt=557&idt=384&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=KC0r5cL8uM&p=https%3A//www.hitdu.com&dtd=751
Frame ID: 72728731CC57582FBDB75969955DD44B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=408&slotname=3554660062&adk=601411425&adf=437541325&pi=t.ma~as.3554660062&w=326&lmt=1674097942&rafmt=11&format=326x408&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097941551&bpp=1&bdt=558&idt=385&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1080x200&nras=1&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=522&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=RfrPzLwaH3&p=https%3A//www.hitdu.com&dtd=753
Frame ID: 3876FEAF424F85A20C6A9C11D7CBEA56
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=408&slotname=3554660062&adk=4043508497&adf=2097402210&pi=t.ma~as.3554660062&w=326&lmt=1674097942&rafmt=11&format=326x408&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097941551&bpp=1&bdt=558&idt=386&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1080x200%2C326x408&nras=1&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=1615&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=gWMAjUiRfM&p=https%3A//www.hitdu.com&dtd=755
Frame ID: B4ADD0F8E4553F8D5A8972C7D61D989C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=250&adk=3506465449&adf=2218735691&pi=t.aa~a.3293720632~rp.1&w=326&fwrn=4&fwrnh=100&lmt=1674097942&rafmt=1&to=qs&pwprc=6498234271&format=326x250&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097942687&bpp=1&bdt=1694&idt=-M&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f243659c01639e1-22f1c6dc54db002f%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA&gpic=UID%3D00000ba4d626f08e%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg&prev_fmts=0x0%2C1080x200%2C326x408%2C326x408&nras=2&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=1615&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=G9eutrFt9M&p=https%3A//www.hitdu.com&dtd=6
Frame ID: 35B5B7F5FE8C3F003E7E733CC877332D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=250&adk=3506465449&adf=4255998660&pi=t.aa~a.3304678886~rp.4&w=326&fwrn=4&fwrnh=100&lmt=1674097942&rafmt=1&to=qs&pwprc=6498234271&format=326x250&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097942687&bpp=1&bdt=1693&idt=-M&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f243659c01639e1-22f1c6dc54db002f%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA&gpic=UID%3D00000ba4d626f08e%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg&prev_fmts=0x0%2C1080x200%2C326x408%2C326x408%2C326x250&nras=3&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=2752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=skATprfpxI&p=https%3A//www.hitdu.com&dtd=14
Frame ID: 888F3A2BC89E316740CFADD7F1386619
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=60&adk=1102246663&adf=4276601049&pi=t.aa~a.650443173~rp.2&w=502&fwrn=4&fwrnh=100&lmt=1674097942&rafmt=1&to=qs&pwprc=6498234271&format=502x60&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097942687&bpp=1&bdt=1694&idt=0&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f243659c01639e1-22f1c6dc54db002f%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA&gpic=UID%3D00000ba4d626f08e%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg&prev_fmts=0x0%2C1080x200%2C326x408%2C326x408%2C326x250%2C326x250&nras=4&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=S5Q66mUneO&p=https%3A//www.hitdu.com&dtd=17
Frame ID: AA3AC700B0AE232BC8ADEF7BEB09AD4C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1
Frame ID: B4D5CAEEF622231D3FA929EADF3DA20B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CYWvhFrXIY8rqLeH33wPLj6a4BJDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTY5MTE5NjQ0NDE3MTIyMDjIAQmpAj5PGK7wGrI-qAMBqgS8AU_QzudXc0vLPRUwAz-rEVp3YbQ5oCzw8Bz5AubV5kUihvLiot1HxkVXOoi9gGq5lExA1dR4srMepDMPDnM_OSyKfNGBXS6CM4ucGeSvV9Qf8uZ09V0-Qs08XzmMwpfl8rIQdFOfI_FDzlp23sjhGyNfrw6FJH1_bnufjgabpXftT067HXWZHkb5Q7YmoB1Hi-2vGfLe9oL4d7Xxwh1Ij1_gs9VF2peo0pKOrJfrwMCEdGg9lj4xsa-l9qEQgAbAi8bAzNaNur0BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi02OTExOTY0NDQxNzEyMjA4GAA&sigh=VyWHlcVeF_Q&uach_m=[UACH]&cid=CAQSOwDq26N9Uz7wUW8HuJa_4PFbddtuWpiqZueMv1BKcuT8uHTJkB1ibfP2rZwkoZqyRnU2c29hf5AWLiNHGAEgEw
Frame ID: DD56ED9685D74D462449F60C6DCF871E
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hntzbw84z0q3mjszdxz2307k4f5bz4v9t5f6622k0wz2vycm99v0n6xjy63dhhq090rrb1jz2n3canyxj8tqjm0k65x1zt6d3e1khtaqwsa2hzv2y2da3cj1cszwkmakex51y9ghf0sc4md9qwn5g3a6dsf7a1v72a6s6cfj483a2rc2ywvfyx8venjngsr2v837nf63db9cna616knq5ehq5cax2bmqz79h0g6hv2kryr4fk5d4bgcff9m98nxkx0rdd3paxgys52dwbmbcejaagne0sfwsyh07x4ppajznnvkd6dtaf949dwmcmg8k2ka72a1qxdzqe8zgxz0mhg8x8a3etnhgkgnzd99fgbemg074v0c0s9hp3j6vgby6knwbq4r2wjysakem6076btzdc3236n7ftp8ewp2sfetkshs&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg8JiFrXIY8rqLeH33wPLj6a4BJDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTY5MTE5NjQ0NDE3MTIyMDjIAQmpAj5PGK7wGrI-qAMBqgS_AU_QzudXc0vLPRUwAz-rEVp3YbQ5oCzw8Bz5AubV5kUihvLiot1HxkVXOoi9gGq5lExA1dR4srMepDMPDnM_OSyKfNGBXS6CM4ucGeSvV9Qf8uZ09V0-Qs08XzmMwpfl8rIQdFOfI_FDzlp23sjhGyNfrw6FJH1_bnufjgabpXftT067HXWZHkb5Q7YmoB1Hi-2vGfLe9sD6VicmO5oIR9ioJQ8MSGWRxpgjprnzHUBGPfrFAiAdqXp5aeHYAICrgAbAi8bAzNaNur0BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2_iDVHIIlmg2OnQd3yRnf1YALGwQ%26client%3Dca-pub-6911964441712208%26adurl%3D
Frame ID: 46279E69821DB27DA6638551080B9E75
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AD4C8D29C2EC207A0F1EB96B78D34EDD
Requests: 9 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: BCE8D73361E6ECBDAC5E6B0484216B43
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CC3fvFrXIY5HnLdPt3wOWw6ywBpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTY5MTE5NjQ0NDE3MTIyMDjIAQmpAj5PGK7wGrI-qAMBqgS9AU_QbJoKzDFXt77WXxDfewcfdG2yNAJTyDs1IfwptfOokSwA925yo6j-A2YdcDjzN-IS6OOdYBKU6m6iTEWrbIkg1km5lwTnmzD3ZmNMi1oFZaSF0OHLv0hx2tZyoh2jNGNEWZnkF4aomAt--qZX4iV85EmiJ8OlXZFWeR2oxrm_MqkgMr--5mYt0TRL47LNXx6k4KOwK9UjqQuf-ZGTCea0S5cU4fJHEcHhfQ_azxDRKX90fsCVuwTM5x1Y4IAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi02OTExOTY0NDQxNzEyMjA4GAA&sigh=zLeZLumjBOw&uach_m=[UACH]&cid=CAQSOwDq26N9iFY4pTd40qKxNVh0vMeJS020MQhqwfRkDrUFu6DxglBbZluLRqzeSf9lS5_l4gPB2VNZrKeKGAEgEw
Frame ID: 29485E1EE96EB362CDFE1631B8E192EC
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1h9phnrg76vh3n5cm10jkv8tmfqmgr8g1jpv9pcbp9vggttp8q72pz87djrj806v12p1p3c074mcen3hetx9mw2qbe0f2w4enjz572hpe0k5v8ek4tmx03abpmvhq78hqjn0zy0s3624sk7z13xwqgvx0yvyrpscas70nebkv41yefhcd4s0ca7jv2bwy7sq8nq1nbrynzg7tjjw683qz4h22wfxffeq8ys6bmfj2ctfzq9pw0tfrzmbsaf3cq20byewetzsnerhvn42ppjan9njbsr50mb0bxca4v9cyda44j03hhd5ke0dh24qtsmvsh35bhrnq9ms310q9n9q226qd8eza9xpnn9gm8zbtd0nt7rjw2ksbt9y79nhms0j4pwkkt1akrqsajyjebkn2ra1pqqq27tg2w353vkshj25yfj0yb7ag&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3mTlFrXIY5HnLdPt3wOWw6ywBpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTY5MTE5NjQ0NDE3MTIyMDjIAQmpAj5PGK7wGrI-qAMBqgTAAU_QbJoKzDFXt77WXxDfewcfdG2yNAJTyDs1IfwptfOokSwA925yo6j-A2YdcDjzN-IS6OOdYBKU6m6iTEWrbIkg1km5lwTnmzD3ZmNMi1oFZaSF0OHLv0hx2tZyoh2jNGNEWZnkF4aomAt--qZX4iV85EmiJ8OlXZFWeR2oxrm_MqkgMr--5mYt0TRL47LNXx6k4KOwK9VhqyoNLmgUSS4zAwHOqGC1KNXr0AX0181R6zbmhlSLlxwZO4IYKGlUJoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1tfEVPS0bCVQhHfqpdQMWpZNHTRw%26client%3Dca-pub-6911964441712208%26adurl%3D
Frame ID: EC10E33D3C50604CC8CFF8F85D192D82
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5A4EBF20468CD3D8B2ABFAADE59CD11A
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 010CEFF65E0D2D59A94EAA5A48351EBD
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/error_handler.js
Frame ID: 03185554E3FA8D996FFC34E9DC7966E4
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hh246b6066mxpxcqmyee7h77tdd7wdbrds6kjwb579dychndw3jh1se5w0y76h080z12d6p45exfty4h0gbds68thz5meawxd8dfqrzhk6qvtscqck22g5dwgvaedxb9pgh45xqy48z2xtevfp7v6cs64pjrgp4ev0yxf1xw2qv0f03zsgrhf9b63grt6yv5ee0ktan5esb13hfbxbbhmzrr5b8sjj01fafp6w216kg0bzjw8dkkrtjh3nykas72vy1h0tpkjjvn9xkq8ztxt658qabk7162bb82sdxatwheze9q2t5wnezdt28v0g9047ycdkg0tgk9qr276h1zegggcm317vh2b653pbcgmtrb12zfcd89q6b7d1yxfvkezvvq764gyg79cwr8m5jrf4ged0mjzj3qjchg7phwxc52nhkhgkm0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6y7gFrXIY6aeLaWUjuwPrKyFuAeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi02OTExOTY0NDQxNzEyMjA4yAEJqQI-Txiu8BqyPqgDAaoEwAFP0GJfRDEikY2CJpACA5fr6lpPEum1qL8U9L5nkbsytCykVz6ws9G4h35bnV_Ei4MgH7iqkceVlc3lycjiTQWirlkBJT1ttM9HuLRbbsm8IDMXFpyQLAPAATVBq_SDVHM6408RjTu4p0ZVqOyUCkOjNQwgP53IEgUCcFw4AFt4e6YHetXzmvhgWcPzBratRTlK_0G0KaU-37rGDSf0sF83aV1OudTHBtGxRU3wMCnAikbCRJVy13r6koE2ZkisgemABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3abApGa6iIOA6yrGBrNVSkuZt2LA%26client%3Dca-pub-6911964441712208%26adurl%3D
Frame ID: 1FBB57E8F03F6B73EB88140B9F6186CC
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1C2E5474C1F279AA8D846970366FD7C2
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 4DD64260D3518B25D853954E49EFDF46
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: EF6089943B92059D310512BFBC760757
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: D3B4B7E8A6D09116E84F4AEB528CFAFE
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=22451&b=Bg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkG&f=jEYUEfGfQ3KhYHEH2tWCg7WhZSzTDekfbX&c=320&d=50&e=&g=5c12bc296ead293f27708cd6930bd6be%2F14264312211520795708&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1674097943551&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gnhvmfce26r9r0v3zafcapvap1mjhqd1wp9509yvvx59wc5h7epxn5ydfz7htt3vpx86krf3ar5f29t8wvyejhmk5ja6pr44epqmk50mds9b5q1qy3jmwjyh40xmxsja94r2r507yj7097330tmwy09z3pqdrpqwafha53ty3tsj693vq4wwk72bs2vha40s7yh6jkq750nraxnjr67parxetvtx38gyh9vdhdkh4gemwega220e9zbq2zkbaxyw5amed2vzrr7re4r3zz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCg8JiFrXIY8rqLeH33wPLj6a4BJDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTY5MTE5NjQ0NDE3MTIyMDjIAQmpAj5PGK7wGrI-qAMBqgS_AU_QzudXc0vLPRUwAz-rEVp3YbQ5oCzw8Bz5AubV5kUihvLiot1HxkVXOoi9gGq5lExA1dR4srMepDMPDnM_OSyKfNGBXS6CM4ucGeSvV9Qf8uZ09V0-Qs08XzmMwpfl8rIQdFOfI_FDzlp23sjhGyNfrw6FJH1_bnufjgabpXftT067HXWZHkb5Q7YmoB1Hi-2vGfLe9sD6VicmO5oIR9ioJQ8MSGWRxpgjprnzHUBGPfrFAiAdqXp5aeHYAICrgAbAi8bAzNaNur0BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2_iDVHIIlmg2OnQd3yRnf1YALGwQ%2526client%253Dca-pub-6911964441712208%2526adurl%253D&y=1&s=&z=0
Frame ID: 564FD6ED54F9A26FFCEF3312C3EC69EB
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=701fcf1505dce5112a7d95dc4781a40e%2F3833383824800334967&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674097943552&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jb5aq3sghsj5hh4jb0x4whdqf1b1hem2bv7ha691sb6vprq38gqvz6s7979wk6yaq3et4xb6mjewbq9ec639jq0mabr95hd0bcz1wmrhxrhcm34pv2sxge8dpjxmh19677z4w6chgd1fm8mpx027n6rg77n5qyhp20yr8gr5afs0z9938rrzw8c54sqajj75wchzk0398z08m150r5fzyz7178xgve5m4w85jpngvenj65a5krkadjwe8hh9hzjsd6p7zmj9evjgtb2g6f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3mTlFrXIY5HnLdPt3wOWw6ywBpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTY5MTE5NjQ0NDE3MTIyMDjIAQmpAj5PGK7wGrI-qAMBqgTAAU_QbJoKzDFXt77WXxDfewcfdG2yNAJTyDs1IfwptfOokSwA925yo6j-A2YdcDjzN-IS6OOdYBKU6m6iTEWrbIkg1km5lwTnmzD3ZmNMi1oFZaSF0OHLv0hx2tZyoh2jNGNEWZnkF4aomAt--qZX4iV85EmiJ8OlXZFWeR2oxrm_MqkgMr--5mYt0TRL47LNXx6k4KOwK9VhqyoNLmgUSS4zAwHOqGC1KNXr0AX0181R6zbmhlSLlxwZO4IYKGlUJoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1tfEVPS0bCVQhHfqpdQMWpZNHTRw%2526client%253Dca-pub-6911964441712208%2526adurl%253D&y=1&s=&z=0
Frame ID: 9B73BF568633A2CDEDE7BA3B3B9F6B72
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=0732c46b3adff01fd0ad0e2b6915a6bb%2F8945317273360721031&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674097943605&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kr96cjdryfaaw9qjx0p5yfqe60r593arh7jfdsfs08bjmseeqry2jnp5y25718gc9eaxy65gd332etksk1wmh1vz251mzc03z5h3ep2fxz5b7d2zgsvhdn4c0kdrmxj6mc4nrjrgvkvda3qnpnp6sz0t6f2njzz531x321zxca4xg9ytkn3znd0ep37edrnpg92abegg908ksg321gc95b9tstr89fzf4jkad2sap4vn0ghwq65cmgxcre5yw412sec0t1d4y0rnxecj98g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6y7gFrXIY6aeLaWUjuwPrKyFuAeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi02OTExOTY0NDQxNzEyMjA4yAEJqQI-Txiu8BqyPqgDAaoEwAFP0GJfRDEikY2CJpACA5fr6lpPEum1qL8U9L5nkbsytCykVz6ws9G4h35bnV_Ei4MgH7iqkceVlc3lycjiTQWirlkBJT1ttM9HuLRbbsm8IDMXFpyQLAPAATVBq_SDVHM6408RjTu4p0ZVqOyUCkOjNQwgP53IEgUCcFw4AFt4e6YHetXzmvhgWcPzBratRTlK_0G0KaU-37rGDSf0sF83aV1OudTHBtGxRU3wMCnAikbCRJVy13r6koE2ZkisgemABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3abApGa6iIOA6yrGBrNVSkuZt2LA%2526client%253Dca-pub-6911964441712208%2526adurl%253D&y=1&s=&z=0
Frame ID: 03A0A0181B73443A6EC57D474E997E9E
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8701059ED6B4F8658C692EE3DF910A57
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 70C8C3DF6820AA032166E74E0FBF86A1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hitdu Music Official Sinhala Music Download

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Statically (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-z]*?:?//cdn\.statically\.io/

Page Statistics

179
Requests

75 %
HTTPS

60 %
IPv6

38
Domains

51
Subdomains

33
IPs

7
Countries

2188 kB
Transfer

4516 kB
Size

41
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/hitdumusic
Title: Facebook

Search URL Search Domain Scan URL

URL: https://mhthemes.com/themes/mh-magazine/?utm_source=customer&utm_medium=link&utm_campaign=MH+Magazine+Lite
Title: MH Themes

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/01/logohitdu.png?quality=100&f=auto HTTP 301
https://www.hitdu.com/wp-content/uploads/2022/01/logohitdu.png

Request Chain 11

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/12/Harshad-Ibrahim-Mayam-Tharaka-326x245.jpg?quality=100&f=auto HTTP 301
https://www.hitdu.com/wp-content/uploads/2022/12/Harshad-Ibrahim-Mayam-Tharaka-326x245.jpg

Request Chain 12

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/12/Mathake-Athare-%E0%B6%B8%E0%B6%AD%E0%B6%9A%E0%B7%9A-%E0%B6%85%E0%B6%AD%E0%B6%BB%E0%B7%9A-Shamika-Lakshan-326x245.jpg?quality=100&f=auto HTTP 301
https://www.hitdu.com/wp-content/uploads/2022/12/Mathake-Athare-%E0%B6%B8%E0%B6%AD%E0%B6%9A%E0%B7%9A-%E0%B6%85%E0%B6%AD%E0%B6%BB%E0%B7%9A-Shamika-Lakshan-326x245.jpg

Request Chain 13

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/12/Evill-D-ZAYGE-Nihada-Yame-326x245.jpg?quality=100&f=auto HTTP 301
https://www.hitdu.com/wp-content/uploads/2022/12/Evill-D-ZAYGE-Nihada-Yame-326x245.jpg

Request Chain 14

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/12/Dhyan-Hewage-ft.-Mahiru-Senarathne-Rahase-Ma-326x245.jpg?quality=100&f=auto HTTP 301
https://www.hitdu.com/wp-content/uploads/2022/12/Dhyan-Hewage-ft.-Mahiru-Senarathne-Rahase-Ma-326x245.jpg

Request Chain 15

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/11/Stacey-Ryan-Fall-In-Love-Alone-326x245.jpg?quality=100&f=auto HTTP 301
https://www.hitdu.com/wp-content/uploads/2022/11/Stacey-Ryan-Fall-In-Love-Alone-326x245.jpg

Request Chain 16

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/11/Duka-Thada-Karan-%E0%B6%AF%E0%B7%94%E0%B6%9A-%E0%B6%AD%E0%B6%AF-%E0%B6%9A%E0%B6%BB%E0%B6%B1%E0%B7%8A-Cover-Version-By-Sadini-Jayakody-326x245.jpg?quality=100&f=auto HTTP 301
https://www.hitdu.com/wp-content/uploads/2022/11/Duka-Thada-Karan-%E0%B6%AF%E0%B7%94%E0%B6%9A-%E0%B6%AD%E0%B6%AF-%E0%B6%9A%E0%B6%BB%E0%B6%B1%E0%B7%8A-Cover-Version-By-Sadini-Jayakody-326x245.jpg

Request Chain 17

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/11/Costa-x-MasterD-Obata-Waram-%E0%B6%94%E0%B6%B6%E0%B6%A7-%E0%B7%80%E0%B6%BB%E0%B6%B8%E0%B7%8A-326x245.jpg?quality=100&f=auto HTTP 301
https://www.hitdu.com/wp-content/uploads/2022/11/Costa-x-MasterD-Obata-Waram-%E0%B6%94%E0%B6%B6%E0%B6%A7-%E0%B7%80%E0%B6%BB%E0%B6%B8%E0%B7%8A-326x245.jpg

Request Chain 18

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/11/Nikini-Re-%E0%B6%B1%E0%B7%92%E0%B6%9A%E0%B7%92%E0%B6%AB%E0%B7%92-%E0%B6%BB%E0%B7%91-Shavier-Mendis-326x245.jpg?quality=100&f=auto HTTP 301
https://www.hitdu.com/wp-content/uploads/2022/11/Nikini-Re-%E0%B6%B1%E0%B7%92%E0%B6%9A%E0%B7%92%E0%B6%AB%E0%B7%92-%E0%B6%BB%E0%B7%91-Shavier-Mendis-326x245.jpg

Request Chain 19

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/11/Senehas-Aware-%E0%B7%83%E0%B7%99%E0%B6%B1%E0%B7%99%E0%B7%84%E0%B7%83%E0%B7%8A-%E0%B6%85%E0%B7%80%E0%B7%8F%E0%B6%BB%E0%B7%9A-Adaraneeya-Prarthana-Supun-Perera-326x245.jpg?quality=100&f=auto HTTP 301
https://www.hitdu.com/wp-content/uploads/2022/11/Senehas-Aware-%E0%B7%83%E0%B7%99%E0%B6%B1%E0%B7%99%E0%B7%84%E0%B7%83%E0%B7%8A-%E0%B6%85%E0%B7%80%E0%B7%8F%E0%B6%BB%E0%B7%9A-Adaraneeya-Prarthana-Supun-Perera-326x245.jpg

Request Chain 20

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/11/Tinkiri-Passa-%E0%B6%A7%E0%B7%92%E0%B6%B1%E0%B7%8A%E0%B6%9A%E0%B7%92%E0%B6%BB%E0%B7%92-%E0%B6%B4%E0%B7%83%E0%B7%8A%E0%B7%83-Sinhala-Parody-Version-Rap-Song-Supuntha-326x245.jpg?quality=100&f=auto HTTP 301
https://www.hitdu.com/wp-content/uploads/2022/11/Tinkiri-Passa-%E0%B6%A7%E0%B7%92%E0%B6%B1%E0%B7%8A%E0%B6%9A%E0%B7%92%E0%B6%BB%E0%B7%92-%E0%B6%B4%E0%B7%83%E0%B7%8A%E0%B7%83-Sinhala-Parody-Version-Rap-Song-Supuntha-326x245.jpg

Request Chain 21

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/11/Vaachaala-%E0%B7%80%E0%B7%8F%E0%B6%A0%E0%B7%8F%E0%B6%BD-Nira-x-Dhanuva-FT-Breezy-326x245.jpg?quality=100&f=auto HTTP 301
https://www.hitdu.com/wp-content/uploads/2022/11/Vaachaala-%E0%B7%80%E0%B7%8F%E0%B6%A0%E0%B7%8F%E0%B6%BD-Nira-x-Dhanuva-FT-Breezy-326x245.jpg

Request Chain 22

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/11/SHAN-PUTHA-X-MADUWA-Jadi-Mudi-326x245.jpg?quality=100&f=auto HTTP 301
https://www.hitdu.com/wp-content/uploads/2022/11/SHAN-PUTHA-X-MADUWA-Jadi-Mudi-326x245.jpg

Request Chain 23

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/11/Tum-Jo-Milo-Abhijeet-Srivastava-80x60.jpg?quality=100&f=auto HTTP 301
https://www.hitdu.com/wp-content/uploads/2022/11/Tum-Jo-Milo-Abhijeet-Srivastava-80x60.jpg

Request Chain 24

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/11/Athin-Alla-%E0%B6%85%E0%B6%AD%E0%B7%92%E0%B6%B1%E0%B7%8A-%E0%B6%85%E0%B6%BD%E0%B7%8A%E0%B6%BD%E0%B7%8F-Madhu-Senadeera-80x60.jpg?quality=100&f=auto HTTP 301
https://www.hitdu.com/wp-content/uploads/2022/11/Athin-Alla-%E0%B6%85%E0%B6%AD%E0%B7%92%E0%B6%B1%E0%B7%8A-%E0%B6%85%E0%B6%BD%E0%B7%8A%E0%B6%BD%E0%B7%8F-Madhu-Senadeera-80x60.jpg

Request Chain 25

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/11/Kawadaka-Hari-danewi-%E0%B6%9A%E0%B7%80%E0%B6%AF%E0%B7%8F%E0%B6%9A-%E0%B7%84%E0%B6%BB%E0%B7%92-%E0%B6%AF%E0%B7%90%E0%B6%B1%E0%B7%9A%E0%B7%80%E0%B7%92-Koushi-Perera-80x60.jpg?quality=100&f=auto HTTP 301
https://www.hitdu.com/wp-content/uploads/2022/11/Kawadaka-Hari-danewi-%E0%B6%9A%E0%B7%80%E0%B6%AF%E0%B7%8F%E0%B6%9A-%E0%B7%84%E0%B6%BB%E0%B7%92-%E0%B6%AF%E0%B7%90%E0%B6%B1%E0%B7%9A%E0%B7%80%E0%B7%92-Koushi-Perera-80x60.jpg

Request Chain 26

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/11/Pana-Kete-%E0%B6%B4%E0%B6%AB-%E0%B6%9A%E0%B7%90%E0%B6%A7%E0%B7%9A-Rasika-Liyanarachchi-80x60.jpg?quality=100&f=auto HTTP 301
https://www.hitdu.com/wp-content/uploads/2022/11/Pana-Kete-%E0%B6%B4%E0%B6%AB-%E0%B6%9A%E0%B7%90%E0%B6%A7%E0%B7%9A-Rasika-Liyanarachchi-80x60.jpg

Request Chain 27

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/11/Dukak-Hithunanam-%E0%B6%AF%E0%B7%94%E0%B6%9A%E0%B6%9A%E0%B7%8A-%E0%B7%84%E0%B7%92%E0%B6%AD%E0%B7%94%E0%B6%B1%E0%B7%8F%E0%B6%B1%E0%B6%B8%E0%B7%8A-Isuri-Imalka-Dissanayaka-80x60.jpg?quality=100&f=auto HTTP 301
https://www.hitdu.com/wp-content/uploads/2022/11/Dukak-Hithunanam-%E0%B6%AF%E0%B7%94%E0%B6%9A%E0%B6%9A%E0%B7%8A-%E0%B7%84%E0%B7%92%E0%B6%AD%E0%B7%94%E0%B6%B1%E0%B7%8F%E0%B6%B1%E0%B6%B8%E0%B7%8A-Isuri-Imalka-Dissanayaka-80x60.jpg

Request Chain 28

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/11/Magene-Tu-Hi-Hai-MixTape-By-Maduu-FT-Jenu-80x60.jpg?quality=100&f=auto HTTP 301
https://www.hitdu.com/wp-content/uploads/2022/11/Magene-Tu-Hi-Hai-MixTape-By-Maduu-FT-Jenu-80x60.jpg

Request Chain 74

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENnpKdA5tEjiTBR8ExBqLYA&google_cver=1&google_push=AavPq0NjZuu63D02hbkzQkVFkwuGrIEdDsVuCrL7csTcseiXyoA7sTh3REsJ0cjAa6aAW-ms19PUEN0bEKIC-sgEQa0aQNnY6AUrovs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0NjZuu63D02hbkzQkVFkwuGrIEdDsVuCrL7csTcseiXyoA7sTh3REsJ0cjAa6aAW-ms19PUEN0bEKIC-sgEQa0aQNnY6AUrovs&google_hm=AMP9MtbORWacQmHNw1UdGW0

Request Chain 75

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPnkFr9qiFk3SUsIBCsNdII&google_cver=1&google_push=AavPq0Owpn92tkF7rC22_Ae8qUgyvzlt1MuysZz5fuDq_tHGi12MOXIjBQUxyEplfMsp3fu7I86wO3LfGCYE1SimT99CfWG8zc2r_0g HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEPnkFr9qiFk3SUsIBCsNdII&google_cver=1&google_push=AavPq0Owpn92tkF7rC22_Ae8qUgyvzlt1MuysZz5fuDq_tHGi12MOXIjBQUxyEplfMsp3fu7I86wO3LfGCYE1SimT99CfWG8zc2r_0g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0Owpn92tkF7rC22_Ae8qUgyvzlt1MuysZz5fuDq_tHGi12MOXIjBQUxyEplfMsp3fu7I86wO3LfGCYE1SimT99CfWG8zc2r_0g&google_hm=JY-hIQW6TdeYBivaxAb9bQ==

Request Chain 76

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKKt689WLDyzK-oXy77tb0k&google_cver=1&google_push=AavPq0OXAg1DrQ3sAXYuSur1kDyq5dok6b_rF_gQk-4MbULXN5xMqjvIsEQ2ii1y589is7GUHrpTnAMUwr1IIm5fKqO0YIyvK8sBjA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OXAg1DrQ3sAXYuSur1kDyq5dok6b_rF_gQk-4MbULXN5xMqjvIsEQ2ii1y589is7GUHrpTnAMUwr1IIm5fKqO0YIyvK8sBjA&google_hm=eS1qczN4SDNwRTJwRVRMM0FHSGhLNndxel9VUWpmTVpHRH5B

Request Chain 78

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFLTjxvX8n0sR0AB7ZTNEPw&google_cver=1&google_push=AavPq0NqDXV5ep37wIldevm4d3xT8iVlLWKaWn43ph4LS8rnuEsMw_Zx3lbPjlGZw1qK__HeNT5NKtmtoObEdSoil5IWl4wG6k4vod0 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFLTjxvX8n0sR0AB7ZTNEPw&google_cver=1&google_push=AavPq0NqDXV5ep37wIldevm4d3xT8iVlLWKaWn43ph4LS8rnuEsMw_Zx3lbPjlGZw1qK__HeNT5NKtmtoObEdSoil5IWl4wG6k4vod0&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=K-tLIcpCS0eI7ERFhVcwcw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0NqDXV5ep37wIldevm4d3xT8iVlLWKaWn43ph4LS8rnuEsMw_Zx3lbPjlGZw1qK__HeNT5NKtmtoObEdSoil5IWl4wG6k4vod0

Request Chain 79

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFUE4cdft6RbHfP1O03UREc&google_cver=1&google_push=AavPq0MpCN0cEI2YbzqryKdartj6JGXCg73xe_rVfq4wr7T1UDIjDoKZRRc5QV2dcZaBtHKn1uoseCBnAvIzGmRdvlGisBrL3A5EQw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0MpCN0cEI2YbzqryKdartj6JGXCg73xe_rVfq4wr7T1UDIjDoKZRRc5QV2dcZaBtHKn1uoseCBnAvIzGmRdvlGisBrL3A5EQw

Request Chain 80

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJIB7nwbZgpGxwGjAsTjPiI&google_cver=1&google_push=AavPq0PpdArRBwwSxacFYFiHqgpPtHmZNGNmXbeq8uma5bqkFJEXqSIh7dchLMspHOkgJkFC9o_A48BRCi1Dq1rK4e_xGE10-7-auDg HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJIB7nwbZgpGxwGjAsTjPiI&google_cver=1&google_push=AavPq0PpdArRBwwSxacFYFiHqgpPtHmZNGNmXbeq8uma5bqkFJEXqSIh7dchLMspHOkgJkFC9o_A48BRCi1Dq1rK4e_xGE10-7-auDg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=258fa121-05ba-4dd7-9806-2bdac406fd6d&%%GOOGLE_PUSH_PAIR%%

Request Chain 96

https://a.tribalfusion.com/i.match?p=b6&u=CAESEF4EsD8Y74CQk0P6MfQlgAI&google_cver=1&google_push=AavPq0O2yU3PYoqSJ7lF2yK809cOGZ0rQcyedMPdRAmtzCSmNv6d2bJ7waV0bdDOh8MFxI1b47T-3cjgUtXxlThVMcgzypVrqmzfOhHH&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0O2yU3PYoqSJ7lF2yK809cOGZ0rQcyedMPdRAmtzCSmNv6d2bJ7waV0bdDOh8MFxI1b47T-3cjgUtXxlThVMcgzypVrqmzfOhHH%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF4EsD8Y74CQk0P6MfQlgAI&google_cver=1&google_push=AavPq0O2yU3PYoqSJ7lF2yK809cOGZ0rQcyedMPdRAmtzCSmNv6d2bJ7waV0bdDOh8MFxI1b47T-3cjgUtXxlThVMcgzypVrqmzfOhHH&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0O2yU3PYoqSJ7lF2yK809cOGZ0rQcyedMPdRAmtzCSmNv6d2bJ7waV0bdDOh8MFxI1b47T-3cjgUtXxlThVMcgzypVrqmzfOhHH%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 97

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEA6oN82fJQFL6-gq6HnBQjo&google_cver=1&google_push=AavPq0M5rHdjz7M5-WVjNvfdiB5yWZ8_1C3jWIAhyjINQt2bNnpi4LtnNOlb-cL_mcFOo6Qtf8ya2T-FIbINONnkme3oqMQiSMbDfH07 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0M5rHdjz7M5-WVjNvfdiB5yWZ8_1C3jWIAhyjINQt2bNnpi4LtnNOlb-cL_mcFOo6Qtf8ya2T-FIbINONnkme3oqMQiSMbDfH07&google_hm=WtTVjg5IThul3k-PDy_REW0

Request Chain 98

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOZmN7RZg6aC3hkqQp0LK3c&google_cver=1&google_push=AavPq0Nl3TZ9SMiUFrfpsWA0_9Lph6jVn-Y2M0f1bUQGDUg63KaW5xm4tm9zAyDxQ1qBd0cP1gQfeCCqHTtkJ3_2RwM-JS2sx-NG4Lg HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOZmN7RZg6aC3hkqQp0LK3c&google_cver=1&google_push=AavPq0Nl3TZ9SMiUFrfpsWA0_9Lph6jVn-Y2M0f1bUQGDUg63KaW5xm4tm9zAyDxQ1qBd0cP1gQfeCCqHTtkJ3_2RwM-JS2sx-NG4Lg HTTP 302
https://p.rfihub.com/cm?in=1&pub=20513&ssp=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=119&user_id=5109685625812747075&expires=30&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0Nl3TZ9SMiUFrfpsWA0_9Lph6jVn-Y2M0f1bUQGDUg63KaW5xm4tm9zAyDxQ1qBd0cP1gQfeCCqHTtkJ3_2RwM-JS2sx-NG4Lg&google_hm=JY-hIQW6TdeYBivaxAb9bQ==

Request Chain 99

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESECigVfGi4RhjGZJjm7V2NwY&google_cver=1&google_push=AavPq0MnbNHH6KYK0VrsGzzupSZqnMr1j1-9pg-wMdgW1iK3X5Bd1R_3f8VgYg9yEBrpqqeIfUx6kup1WKBvIGVi9bHtYoLRnW1-KEPc HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0MnbNHH6KYK0VrsGzzupSZqnMr1j1-9pg-wMdgW1iK3X5Bd1R_3f8VgYg9yEBrpqqeIfUx6kup1WKBvIGVi9bHtYoLRnW1-KEPc&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1674097943269 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-34d8ce2f-b216-498e-a3a7-7a7b784cfd6c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0MnbNHH6KYK0VrsGzzupSZqnMr1j1-9pg-wMdgW1iK3X5Bd1R_3f8VgYg9yEBrpqqeIfUx6kup1WKBvIGVi9bHtYoLRnW1-KEPc%26google_hm%3DAzTYzi-yFkmOo6d6e3hM_Ww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0MnbNHH6KYK0VrsGzzupSZqnMr1j1-9pg-wMdgW1iK3X5Bd1R_3f8VgYg9yEBrpqqeIfUx6kup1WKBvIGVi9bHtYoLRnW1-KEPc&google_hm=AzTYzi-yFkmOo6d6e3hM_Ww

Request Chain 100

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESENeiujFtu_hHPVhnMPAPDHw&google_cver=1&google_push=AavPq0MKnMnCnjTYjfiv0_oDJ8SQoMDYehu454m-desfS0tEWHtlvveZrW-6lqf6IUYmS3x19uag7eskwVE9J9dVWtgfkTg3sGaDtcCFOA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0MKnMnCnjTYjfiv0_oDJ8SQoMDYehu454m-desfS0tEWHtlvveZrW-6lqf6IUYmS3x19uag7eskwVE9J9dVWtgfkTg3sGaDtcCFOA HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 101

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEDht0KWyUmoCIPG_Dmf122s&google_cver=1&google_push=AavPq0NgCu3GBU1kXMrBMoI7GiafE5wYsK8H0SFuAszz96yoCmBFq0i5fR9Yq26ZR4mU1mi9YC1wDcEhSPV_LnKc2n09HgaukTQvbNEVAQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AavPq0NgCu3GBU1kXMrBMoI7GiafE5wYsK8H0SFuAszz96yoCmBFq0i5fR9Yq26ZR4mU1mi9YC1wDcEhSPV_LnKc2n09HgaukTQvbNEVAQ HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 102

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEG950V_-wYbE8cHC2QcYOw4&google_cver=1&google_push=AavPq0Mm4GWLkMvR4jiQVMQWT5euUtcZGfz0CYeacKL_Nj3rJQ8NHdYVih0XnKs7j15K8W8BvNwwG5AFUB6VLPS4NgpJnbU0moG2hyl6 HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEG950V_-wYbE8cHC2QcYOw4&google_cver=1&google_push=AavPq0Mm4GWLkMvR4jiQVMQWT5euUtcZGfz0CYeacKL_Nj3rJQ8NHdYVih0XnKs7j15K8W8BvNwwG5AFUB6VLPS4NgpJnbU0moG2hyl6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=258fa121-05ba-4dd7-9806-2bdac406fd6d&%%GOOGLE_PUSH_PAIR%%

Request Chain 108

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 121

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEC8h_rE9REOcv_9ky-WZi7o&google_cver=1&google_push=AavPq0OUhhrzWyrKILAkf8SRVKSKhJqWPzmknOJuv_XbQ-XiiQK_7Ct-bFHbswrb5yovnmyLl0yyQH5-IgesA_R7wnN83DIhVBXsZGM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzUxNjIxMjU2NTI2MjQxODE5MQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAFS9wy-gMIrP71LMQtz89A&google_cver=1

Request Chain 122

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEI1uZ3Sr_w_yWIGRZHfN4I4&google_cver=1&google_push=AavPq0MPAFUyDn1Ndi_bvV7QK_RW-wUSA470aQC8jKrWNLICo5L1llm5D04Cs0raUhtzo6w7Q0xnJC9ZMSLmOhMJl92uyI9jfz-nQCY HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEI1uZ3Sr_w_yWIGRZHfN4I4&google_cver=1&google_push=AavPq0MPAFUyDn1Ndi_bvV7QK_RW-wUSA470aQC8jKrWNLICo5L1llm5D04Cs0raUhtzo6w7Q0xnJC9ZMSLmOhMJl92uyI9jfz-nQCY&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0MPAFUyDn1Ndi_bvV7QK_RW-wUSA470aQC8jKrWNLICo5L1llm5D04Cs0raUhtzo6w7Q0xnJC9ZMSLmOhMJl92uyI9jfz-nQCY&google_hm=GAqAuGZHkkCLhfDlTDSO5c3L

Request Chain 123

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKHKYdCpPgtNYrM9FOeH04c&google_cver=1&google_push=AavPq0PvnuUYHqZ3OxfBw74zg3iQYTrGemrRkeENlyAidN_quweaL2xLzMnPYe9JV1irq1cDpeGWuvTO5nsr5UyMNll0ohAcs9QbPQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0PvnuUYHqZ3OxfBw74zg3iQYTrGemrRkeENlyAidN_quweaL2xLzMnPYe9JV1irq1cDpeGWuvTO5nsr5UyMNll0ohAcs9QbPQ

Request Chain 124

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEFvuf_fmpfRGTqqV64-wnxo&google_cver=1&google_push=AavPq0NFEzutLeUcCPMUuwVMH5l6x0OUC55JnpsjDX7H1CSgdfjCDNpPlUQdzs7SWcaLtHQRC3O8RFmuLJidNl8RHIZOp5xUn_-jLMQ HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-34d8ce2f-b216-498e-a3a7-7a7b784cfd6c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0NFEzutLeUcCPMUuwVMH5l6x0OUC55JnpsjDX7H1CSgdfjCDNpPlUQdzs7SWcaLtHQRC3O8RFmuLJidNl8RHIZOp5xUn_-jLMQ%26google_hm%3DAzTYzi-yFkmOo6d6e3hM_Ww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0NFEzutLeUcCPMUuwVMH5l6x0OUC55JnpsjDX7H1CSgdfjCDNpPlUQdzs7SWcaLtHQRC3O8RFmuLJidNl8RHIZOp5xUn_-jLMQ&google_hm=AzTYzi-yFkmOo6d6e3hM_Ww

Request Chain 126

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEP7WKUHuVN1G1q5azM45vik&google_cver=1&google_push=AavPq0PJ8zcj5BUg4sKfsOSoRtvYEZ-3Cv5t0YtF9oykI9U16X4KdbYDSAKZbmUueq1a4oLuTRembucmhYeye0lWHhFvXs9v_xy57AJ8 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEP7WKUHuVN1G1q5azM45vik%26google_cver%3D1%26google_push%3DAavPq0PJ8zcj5BUg4sKfsOSoRtvYEZ-3Cv5t0YtF9oykI9U16X4KdbYDSAKZbmUueq1a4oLuTRembucmhYeye0lWHhFvXs9v_xy57AJ8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzY2NzM2MDE0NTY3ODc5OTgxNQ%3D%3D&google_gid=CAESEP7WKUHuVN1G1q5azM45vik&google_cver=1&google_push=AavPq0PJ8zcj5BUg4sKfsOSoRtvYEZ-3Cv5t0YtF9oykI9U16X4KdbYDSAKZbmUueq1a4oLuTRembucmhYeye0lWHhFvXs9v_xy57AJ8

Request Chain 127

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEFxtMuBRFpLyOPDLFpIJsxU&google_cver=1&google_push=AavPq0PEwBCwcY690W0U-Dk-REvHGprJ2RhsBoxP4ge0XPdLUhoUQaBJ8pIH78MDGTlOmyx7C4S2URuu_BJ4o-hxo9Vvw1rDUB6RjGEw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=258fa121-05ba-4dd7-9806-2bdac406fd6d&%%GOOGLE_PUSH_PAIR%%

Request Chain 147

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidBg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkGoneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CNC1jOrU0vwCFYvTEQgdFZEGYg;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidBg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkGoneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidBg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkGoneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1674097944_18406780-97a7-11ed-ad94-2233c4476c8a

Request Chain 151

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3Dviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CI_RkurU0vwCFVKRewod1QMNYg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3Dviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023011904122480615901105X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2023011904122480615901105X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=120211&partnerid=12218

Request Chain 154

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3DviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CKvDjOrU0vwCFTWC_Qcd-jcGpg;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3DviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023011904122480615901107X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0

Request Chain 157

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1674097943_1825daa0-97a7-11ed-a520-22653408fd8a&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 161

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3Dviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CI_VkurU0vwCFeHIuwgdITAHBg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3Dviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023011904122480615901101X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2023011904122480615901101X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=120211&partnerid=12218

Request Chain 166

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1674097943_18247b10-97a7-11ed-ad7b-22332650e18d&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 167

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dreach_SUBIDTEST_view HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CIzBjOrU0vwCFQHddwodW3oEIw;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dreach_SUBIDTEST_view HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023011904122480615901103X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0

179 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.hitdu.com/ 155 KB
17 KB 375ms
239ms Document
text/html 194.163.150.165
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hitdu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.150.165 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi780189.contaboserver.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: c87f0830b37e1408eefc411503b1b1388abf6130ee5770df02412842e68d1011

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 17261
Content-Type: text/html; charset=UTF-8
Date: Thu, 19 Jan 2023 03:12:20 GMT
Keep-Alive: timeout=5, max=100
Link: <https://www.hitdu.com/wp-json/>; rel="https://api.w.org/"
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK style.min.css
www.hitdu.com/wp-includes/css/dist/block-library/ 87 KB
12 KB 77ms
42ms Stylesheet
text/css 194.163.150.165
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hitdu.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
Requested by: Host: www.hitdu.com
URL: https://www.hitdu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.150.165 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi780189.contaboserver.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 03:12:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jul 2022 12:10:37 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "15b64-5e2f99fa9e940-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 11681

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 226ms
79ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?display=swap&family=Open+Sans:400,400italic,700,600

Requested by

Host: www.hitdu.com
URL: https://www.hitdu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

66ce50d95c2f996ab9393a358f19b411b5dd482b3924b9cfadc719db9209c2fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 19 Jan 2023 03:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 02:37:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Jan 2023 03:12:21 GMT

GET
H/1.1 200
OK style.css
www.hitdu.com/wp-content/themes/mh-magazine-lite/ 45 KB
9 KB 119ms
41ms Stylesheet
text/css 194.163.150.165
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hitdu.com/wp-content/themes/mh-magazine-lite/style.css?ver=2.9.2
Requested by: Host: www.hitdu.com
URL: https://www.hitdu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.150.165 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi780189.contaboserver.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: b67fe64923a586061ca8b4ee5086f981d05f483f4a1bd87f6ccecb8570f8dffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 03:12:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Sep 2022 07:20:24 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "b222-5e92ac73c8b6c-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 9233

GET
H/1.1 200
OK font-awesome.min.css
www.hitdu.com/wp-content/themes/mh-magazine-lite/includes/ 30 KB
7 KB 121ms
41ms Stylesheet
text/css 194.163.150.165
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hitdu.com/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
Requested by: Host: www.hitdu.com
URL: https://www.hitdu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.150.165 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi780189.contaboserver.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 03:12:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Sep 2022 07:20:24 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "7918-5e92ac73c2dad-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7053

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 134ms
51ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-188465769-1

Requested by

Host: www.hitdu.com
URL: https://www.hitdu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3bbc70c42e3c98edaf309b6945782b071a3d9c0b1688520824237e9263a8a965

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 43934
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 19 Jan 2023 03:12:21 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
49 KB 232ms
87ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6911964441712208

Requested by

Host: www.hitdu.com
URL: https://www.hitdu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5f2af3a89d680a42e7ea2d7117aeb2f4738a433c081e1d6172b87d267249649

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hitdu.com/
Origin: https://www.hitdu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49695
x-xss-protection: 0
server: cafe
etag: 16280895227428260294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 03:12:21 GMT

GET
H2 200 amp-auto-ads-0.1.js Show response
cdn.ampproject.org/v0/ 24 KB
9 KB 161ms
46ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js

Requested by

Host: www.hitdu.com
URL: https://www.hitdu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d20296e6e4095f1e284d820671a214c9bf89ae68599359c06e5447a9b980d57

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 19 Jan 2023 03:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7574
x-xss-protection: 0
server: sffe
etag: "b4ec42ea4cc0aa97"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 19 Jan 2023 03:12:21 GMT

GET
H/1.1

200
OK

logohitdu.png
www.hitdu.com/wp-content/uploads/2022/01/
Redirect Chain

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/01/logohitdu.png?quality=100&f=auto
https://www.hitdu.com/wp-content/uploads/2022/01/logohitdu.png

15 KB
15 KB

43ms
42ms

Image
image/png

194.163.150.165
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hitdu.com/wp-content/uploads/2022/01/logohitdu.png
Requested by: Host: www.hitdu.com
URL: https://www.hitdu.com/
Protocol: HTTP/1.1
Server: 194.163.150.165 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi780189.contaboserver.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: c06ca462e459720f2606741541e8c87eef7937fe41722cfef47ed14057bb670a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 03:12:21 GMT
Last-Modified: Wed, 21 Sep 2022 07:26:34 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "3cae-5e92add4a9b15"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 15534

Redirect headers

date: Thu, 19 Jan 2023 03:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://www.hitdu.com/wp-content/uploads/2022/01/logohitdu.png
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-hhn-etou8220082-HHN

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 187ms
55ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Open+Sans:400,400italic,700,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hitdu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 18:50:55 GMT
x-content-type-options: nosniff
age: 202886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jan 2024 18:50:55 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.hitdu.com/wp-content/themes/mh-magazine-lite/fonts/ 75 KB
76 KB 40ms
40ms Font
font/woff2 194.163.150.165
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hitdu.com/wp-content/themes/mh-magazine-lite/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.hitdu.com
URL: https://www.hitdu.com/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.163.150.165 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi780189.contaboserver.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.hitdu.com/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
Origin: https://www.hitdu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 03:12:21 GMT
Last-Modified: Wed, 21 Sep 2022 07:20:24 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "12d68-5e92ac73c0e6d"
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 77160

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1

200
OK

Harshad-Ibrahim-Mayam-Tharaka-326x245.jpg
www.hitdu.com/wp-content/uploads/2022/12/
Redirect Chain

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/12/Harshad-Ibrahim-Mayam-Tharaka-326x245.jpg?quality=100&f=auto
https://www.hitdu.com/wp-content/uploads/2022/12/Harshad-Ibrahim-Mayam-Tharaka-326x245.jpg

22 KB
22 KB

44ms
42ms

Image
image/jpeg

194.163.150.165
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hitdu.com/wp-content/uploads/2022/12/Harshad-Ibrahim-Mayam-Tharaka-326x245.jpg
Requested by: Host: www.hitdu.com
URL: https://www.hitdu.com/
Protocol: HTTP/1.1
Server: 194.163.150.165 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi780189.contaboserver.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 40156ccb25534e95d609a021bfa670603509df3198b65e87e30b4a5fda05e3ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 03:12:21 GMT
Last-Modified: Fri, 02 Dec 2022 13:13:41 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "571c-5eed81b459091"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 22300

Redirect headers

date: Thu, 19 Jan 2023 03:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://www.hitdu.com/wp-content/uploads/2022/12/Harshad-Ibrahim-Mayam-Tharaka-326x245.jpg
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-hhn-etou8220082-HHN

GET
H/1.1

200
OK

Mathake-Athare-%E0%B6%B8%E0%B6%AD%E0%B6%9A%E0%B7%9A-%E0%B6%85%E0%B6%AD%E0%B6%BB%E0%B7%9A-Shamika-Lakshan-326x245.jpg
www.hitdu.com/wp-content/uploads/2022/12/
Redirect Chain

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/12/Mathake-Athare-%E0%B6%B8%E0%B6%AD%E0%B6%9A%E0%B7%9A-%E0%B6%85%E0%B6%AD%E0%B6%BB%E0%B7%9A-Shamika-Lakshan-326x245.jpg?quality=1...
https://www.hitdu.com/wp-content/uploads/2022/12/Mathake-Athare-%E0%B6%B8%E0%B6%AD%E0%B6%9A%E0%B7%9A-%E0%B6%85%E0%B6%AD%E0%B6%BB%E0%B7%9A-Shamika-Lakshan-326x245.jpg

27 KB
27 KB

44ms
43ms

Image
image/jpeg

194.163.150.165
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hitdu.com/wp-content/uploads/2022/12/Mathake-Athare-%E0%B6%B8%E0%B6%AD%E0%B6%9A%E0%B7%9A-%E0%B6%85%E0%B6%AD%E0%B6%BB%E0%B7%9A-Shamika-Lakshan-326x245.jpg
Requested by: Host: www.hitdu.com
URL: https://www.hitdu.com/
Protocol: HTTP/1.1
Server: 194.163.150.165 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi780189.contaboserver.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: e3712fe8a75c65747b2404a3eb92c8ebe40dc094b616d896d280237e46e16ec0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 03:12:21 GMT
Last-Modified: Thu, 01 Dec 2022 03:35:19 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "6c43-5eebbe90260da"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 27715

Redirect headers

date: Thu, 19 Jan 2023 03:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://www.hitdu.com/wp-content/uploads/2022/12/Mathake-Athare-%E0%B6%B8%E0%B6%AD%E0%B6%9A%E0%B7%9A-%E0%B6%85%E0%B6%AD%E0%B6%BB%E0%B7%9A-Shamika-Lakshan-326x245.jpg
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-hhn-etou8220082-HHN

GET
H/1.1

200
OK

Evill-D-ZAYGE-Nihada-Yame-326x245.jpg
www.hitdu.com/wp-content/uploads/2022/12/
Redirect Chain

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/12/Evill-D-ZAYGE-Nihada-Yame-326x245.jpg?quality=100&f=auto
https://www.hitdu.com/wp-content/uploads/2022/12/Evill-D-ZAYGE-Nihada-Yame-326x245.jpg

21 KB
21 KB

85ms
40ms

Image
image/jpeg

194.163.150.165
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hitdu.com/wp-content/uploads/2022/12/Evill-D-ZAYGE-Nihada-Yame-326x245.jpg
Requested by: Host: www.hitdu.com
URL: https://www.hitdu.com/
Protocol: HTTP/1.1
Server: 194.163.150.165 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi780189.contaboserver.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 7fe9e616dec79e0c6e9f74ca7c448f6c624a28a499152edfd378c6acb644bc73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 03:12:21 GMT
Last-Modified: Thu, 01 Dec 2022 03:27:58 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "5468-5eebbcec58beb"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 21608

Redirect headers

date: Thu, 19 Jan 2023 03:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://www.hitdu.com/wp-content/uploads/2022/12/Evill-D-ZAYGE-Nihada-Yame-326x245.jpg
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-hhn-etou8220082-HHN

GET
H/1.1

200
OK

Dhyan-Hewage-ft.-Mahiru-Senarathne-Rahase-Ma-326x245.jpg
www.hitdu.com/wp-content/uploads/2022/12/
Redirect Chain

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/12/Dhyan-Hewage-ft.-Mahiru-Senarathne-Rahase-Ma-326x245.jpg?quality=100&f=auto
https://www.hitdu.com/wp-content/uploads/2022/12/Dhyan-Hewage-ft.-Mahiru-Senarathne-Rahase-Ma-326x245.jpg

17 KB
17 KB

122ms
39ms

Image
image/jpeg

194.163.150.165
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hitdu.com/wp-content/uploads/2022/12/Dhyan-Hewage-ft.-Mahiru-Senarathne-Rahase-Ma-326x245.jpg
Requested by: Host: www.hitdu.com
URL: https://www.hitdu.com/
Protocol: HTTP/1.1
Server: 194.163.150.165 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi780189.contaboserver.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: a1d1651c19cfdd91386b3bd3e362a0ecf2636d6e6feb85b79fc763616b144020

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 03:12:21 GMT
Last-Modified: Thu, 01 Dec 2022 03:20:43 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "43a3-5eebbb4cbf944"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 17315

Redirect headers

date: Thu, 19 Jan 2023 03:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://www.hitdu.com/wp-content/uploads/2022/12/Dhyan-Hewage-ft.-Mahiru-Senarathne-Rahase-Ma-326x245.jpg
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-hhn-etou8220082-HHN

GET
H/1.1

200
OK

Stacey-Ryan-Fall-In-Love-Alone-326x245.jpg
www.hitdu.com/wp-content/uploads/2022/11/
Redirect Chain

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/11/Stacey-Ryan-Fall-In-Love-Alone-326x245.jpg?quality=100&f=auto
https://www.hitdu.com/wp-content/uploads/2022/11/Stacey-Ryan-Fall-In-Love-Alone-326x245.jpg

15 KB
16 KB

44ms
43ms

Image
image/jpeg

194.163.150.165
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hitdu.com/wp-content/uploads/2022/11/Stacey-Ryan-Fall-In-Love-Alone-326x245.jpg
Requested by: Host: www.hitdu.com
URL: https://www.hitdu.com/
Protocol: HTTP/1.1
Server: 194.163.150.165 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi780189.contaboserver.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 186708f70013c65750ea6626fe4463cf9ffd8b10c345c580a45e2840be4cb2e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 03:12:21 GMT
Last-Modified: Mon, 28 Nov 2022 02:53:30 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "3db7-5ee7ef9fd3a0d"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 15799

Redirect headers

date: Thu, 19 Jan 2023 03:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://www.hitdu.com/wp-content/uploads/2022/11/Stacey-Ryan-Fall-In-Love-Alone-326x245.jpg
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-hhn-etou8220082-HHN

GET
H/1.1

200
OK

Duka-Thada-Karan-%E0%B6%AF%E0%B7%94%E0%B6%9A-%E0%B6%AD%E0%B6%AF-%E0%B6%9A%E0%B6%BB%E0%B6%B1%E0%B7%8A-Cover-Version-By-Sadini-Jayakody-326x245.jpg
www.hitdu.com/wp-content/uploads/2022/11/
Redirect Chain

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/11/Duka-Thada-Karan-%E0%B6%AF%E0%B7%94%E0%B6%9A-%E0%B6%AD%E0%B6%AF-%E0%B6%9A%E0%B6%BB%E0%B6%B1%E0%B7%8A-Cover-Version-By-Sadini-J...
https://www.hitdu.com/wp-content/uploads/2022/11/Duka-Thada-Karan-%E0%B6%AF%E0%B7%94%E0%B6%9A-%E0%B6%AD%E0%B6%AF-%E0%B6%9A%E0%B6%BB%E0%B6%B1%E0%B7%8A-Cover-Version-By-Sadini-Jayakody-326x245.jpg

23 KB
23 KB

122ms
41ms

Image
image/jpeg

194.163.150.165
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hitdu.com/wp-content/uploads/2022/11/Duka-Thada-Karan-%E0%B6%AF%E0%B7%94%E0%B6%9A-%E0%B6%AD%E0%B6%AF-%E0%B6%9A%E0%B6%BB%E0%B6%B1%E0%B7%8A-Cover-Version-By-Sadini-Jayakody-326x245.jpg
Requested by: Host: www.hitdu.com
URL: https://www.hitdu.com/
Protocol: HTTP/1.1
Server: 194.163.150.165 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi780189.contaboserver.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 61fa93bea8a4e2601112c3bf7e882b8139d14ecfc67625bce9838101472297dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 03:12:21 GMT
Last-Modified: Mon, 28 Nov 2022 02:47:18 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "5c86-5ee7ee3cb846b"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 23686

Redirect headers

date: Thu, 19 Jan 2023 03:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://www.hitdu.com/wp-content/uploads/2022/11/Duka-Thada-Karan-%E0%B6%AF%E0%B7%94%E0%B6%9A-%E0%B6%AD%E0%B6%AF-%E0%B6%9A%E0%B6%BB%E0%B6%B1%E0%B7%8A-Cover-Version-By-Sadini-Jayakody-326x245.jpg
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-hhn-etou8220082-HHN

GET
H/1.1

200
OK

Costa-x-MasterD-Obata-Waram-%E0%B6%94%E0%B6%B6%E0%B6%A7-%E0%B7%80%E0%B6%BB%E0%B6%B8%E0%B7%8A-326x245.jpg
www.hitdu.com/wp-content/uploads/2022/11/
Redirect Chain

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/11/Costa-x-MasterD-Obata-Waram-%E0%B6%94%E0%B6%B6%E0%B6%A7-%E0%B7%80%E0%B6%BB%E0%B6%B8%E0%B7%8A-326x245.jpg?quality=100&f=auto
https://www.hitdu.com/wp-content/uploads/2022/11/Costa-x-MasterD-Obata-Waram-%E0%B6%94%E0%B6%B6%E0%B6%A7-%E0%B7%80%E0%B6%BB%E0%B6%B8%E0%B7%8A-326x245.jpg

20 KB
20 KB

122ms
42ms

Image
image/jpeg

194.163.150.165
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hitdu.com/wp-content/uploads/2022/11/Costa-x-MasterD-Obata-Waram-%E0%B6%94%E0%B6%B6%E0%B6%A7-%E0%B7%80%E0%B6%BB%E0%B6%B8%E0%B7%8A-326x245.jpg
Requested by: Host: www.hitdu.com
URL: https://www.hitdu.com/
Protocol: HTTP/1.1
Server: 194.163.150.165 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi780189.contaboserver.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: bae0fc54af74296da4554354c1ba6a6c2a41c1fadb2c320cd99911c95e195c7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 03:12:21 GMT
Last-Modified: Mon, 28 Nov 2022 02:39:51 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "4ef0-5ee7ec9232495"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 20208

Redirect headers

date: Thu, 19 Jan 2023 03:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://www.hitdu.com/wp-content/uploads/2022/11/Costa-x-MasterD-Obata-Waram-%E0%B6%94%E0%B6%B6%E0%B6%A7-%E0%B7%80%E0%B6%BB%E0%B6%B8%E0%B7%8A-326x245.jpg
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-hhn-etou8220082-HHN

GET
H/1.1

200
OK

Nikini-Re-%E0%B6%B1%E0%B7%92%E0%B6%9A%E0%B7%92%E0%B6%AB%E0%B7%92-%E0%B6%BB%E0%B7%91-Shavier-Mendis-326x245.jpg
www.hitdu.com/wp-content/uploads/2022/11/
Redirect Chain

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/11/Nikini-Re-%E0%B6%B1%E0%B7%92%E0%B6%9A%E0%B7%92%E0%B6%AB%E0%B7%92-%E0%B6%BB%E0%B7%91-Shavier-Mendis-326x245.jpg?quality=100&f=auto
https://www.hitdu.com/wp-content/uploads/2022/11/Nikini-Re-%E0%B6%B1%E0%B7%92%E0%B6%9A%E0%B7%92%E0%B6%AB%E0%B7%92-%E0%B6%BB%E0%B7%91-Shavier-Mendis-326x245.jpg

22 KB
22 KB

125ms
40ms

Image
image/jpeg

194.163.150.165
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hitdu.com/wp-content/uploads/2022/11/Nikini-Re-%E0%B6%B1%E0%B7%92%E0%B6%9A%E0%B7%92%E0%B6%AB%E0%B7%92-%E0%B6%BB%E0%B7%91-Shavier-Mendis-326x245.jpg
Requested by: Host: www.hitdu.com
URL: https://www.hitdu.com/
Protocol: HTTP/1.1
Server: 194.163.150.165 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi780189.contaboserver.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: b6e075b15a6f55767631a2146e95c41b2628e6000eb2782ecabfacdf80d97019

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 03:12:21 GMT
Last-Modified: Mon, 28 Nov 2022 02:33:41 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "5764-5ee7eb31ded47"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 22372

Redirect headers

date: Thu, 19 Jan 2023 03:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://www.hitdu.com/wp-content/uploads/2022/11/Nikini-Re-%E0%B6%B1%E0%B7%92%E0%B6%9A%E0%B7%92%E0%B6%AB%E0%B7%92-%E0%B6%BB%E0%B7%91-Shavier-Mendis-326x245.jpg
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-hhn-etou8220082-HHN

GET
H/1.1

200
OK

Senehas-Aware-%E0%B7%83%E0%B7%99%E0%B6%B1%E0%B7%99%E0%B7%84%E0%B7%83%E0%B7%8A-%E0%B6%85%E0%B7%80%E0%B7%8F%E0%B6%BB%E0%B7%9A-Adaraneeya-Prarthana-Supun-Perera-326x245.jpg
www.hitdu.com/wp-content/uploads/2022/11/
Redirect Chain

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/11/Senehas-Aware-%E0%B7%83%E0%B7%99%E0%B6%B1%E0%B7%99%E0%B7%84%E0%B7%83%E0%B7%8A-%E0%B6%85%E0%B7%80%E0%B7%8F%E0%B6%BB%E0%B7%9A-Ad...
https://www.hitdu.com/wp-content/uploads/2022/11/Senehas-Aware-%E0%B7%83%E0%B7%99%E0%B6%B1%E0%B7%99%E0%B7%84%E0%B7%83%E0%B7%8A-%E0%B6%85%E0%B7%80%E0%B7%8F%E0%B6%BB%E0%B7%9A-Adaraneeya-Prarthana-Sup...

19 KB
19 KB

126ms
41ms

Image
image/jpeg

194.163.150.165
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hitdu.com/wp-content/uploads/2022/11/Senehas-Aware-%E0%B7%83%E0%B7%99%E0%B6%B1%E0%B7%99%E0%B7%84%E0%B7%83%E0%B7%8A-%E0%B6%85%E0%B7%80%E0%B7%8F%E0%B6%BB%E0%B7%9A-Adaraneeya-Prarthana-Supun-Perera-326x245.jpg
Requested by: Host: www.hitdu.com
URL: https://www.hitdu.com/
Protocol: HTTP/1.1
Server: 194.163.150.165 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi780189.contaboserver.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: a160e1ee49c25dca5ca1e50bd6522cf2ae6c9abb8c5ac0260da1b4029af43552

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 03:12:21 GMT
Last-Modified: Mon, 28 Nov 2022 02:26:54 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "4c04-5ee7e9ad959bc"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 19460

Redirect headers

date: Thu, 19 Jan 2023 03:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://www.hitdu.com/wp-content/uploads/2022/11/Senehas-Aware-%E0%B7%83%E0%B7%99%E0%B6%B1%E0%B7%99%E0%B7%84%E0%B7%83%E0%B7%8A-%E0%B6%85%E0%B7%80%E0%B7%8F%E0%B6%BB%E0%B7%9A-Adaraneeya-Prarthana-Supun-Perera-326x245.jpg
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-hhn-etou8220082-HHN

GET
H/1.1

200
OK

Tinkiri-Passa-%E0%B6%A7%E0%B7%92%E0%B6%B1%E0%B7%8A%E0%B6%9A%E0%B7%92%E0%B6%BB%E0%B7%92-%E0%B6%B4%E0%B7%83%E0%B7%8A%E0%B7%83-Sinhala-Parody-Version-Rap-Song-Supuntha-326x245.jpg
www.hitdu.com/wp-content/uploads/2022/11/
Redirect Chain

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/11/Tinkiri-Passa-%E0%B6%A7%E0%B7%92%E0%B6%B1%E0%B7%8A%E0%B6%9A%E0%B7%92%E0%B6%BB%E0%B7%92-%E0%B6%B4%E0%B7%83%E0%B7%8A%E0%B7%83-Si...
https://www.hitdu.com/wp-content/uploads/2022/11/Tinkiri-Passa-%E0%B6%A7%E0%B7%92%E0%B6%B1%E0%B7%8A%E0%B6%9A%E0%B7%92%E0%B6%BB%E0%B7%92-%E0%B6%B4%E0%B7%83%E0%B7%8A%E0%B7%83-Sinhala-Parody-Version-R...

29 KB
29 KB

82ms
40ms

Image
image/jpeg

194.163.150.165
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hitdu.com/wp-content/uploads/2022/11/Tinkiri-Passa-%E0%B6%A7%E0%B7%92%E0%B6%B1%E0%B7%8A%E0%B6%9A%E0%B7%92%E0%B6%BB%E0%B7%92-%E0%B6%B4%E0%B7%83%E0%B7%8A%E0%B7%83-Sinhala-Parody-Version-Rap-Song-Supuntha-326x245.jpg
Requested by: Host: www.hitdu.com
URL: https://www.hitdu.com/
Protocol: HTTP/1.1
Server: 194.163.150.165 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi780189.contaboserver.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 127b8c7558b2722619570b3021cb3cf59019f7b34e8db028744468bc66adda11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 03:12:21 GMT
Last-Modified: Sat, 26 Nov 2022 02:30:47 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "73b3-5ee566d0f3427"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 29619

Redirect headers

date: Thu, 19 Jan 2023 03:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://www.hitdu.com/wp-content/uploads/2022/11/Tinkiri-Passa-%E0%B6%A7%E0%B7%92%E0%B6%B1%E0%B7%8A%E0%B6%9A%E0%B7%92%E0%B6%BB%E0%B7%92-%E0%B6%B4%E0%B7%83%E0%B7%8A%E0%B7%83-Sinhala-Parody-Version-Rap-Song-Supuntha-326x245.jpg
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-hhn-etou8220082-HHN

GET
H/1.1

200
OK

Vaachaala-%E0%B7%80%E0%B7%8F%E0%B6%A0%E0%B7%8F%E0%B6%BD-Nira-x-Dhanuva-FT-Breezy-326x245.jpg
www.hitdu.com/wp-content/uploads/2022/11/
Redirect Chain

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/11/Vaachaala-%E0%B7%80%E0%B7%8F%E0%B6%A0%E0%B7%8F%E0%B6%BD-Nira-x-Dhanuva-FT-Breezy-326x245.jpg?quality=100&f=auto
https://www.hitdu.com/wp-content/uploads/2022/11/Vaachaala-%E0%B7%80%E0%B7%8F%E0%B6%A0%E0%B7%8F%E0%B6%BD-Nira-x-Dhanuva-FT-Breezy-326x245.jpg

11 KB
11 KB

81ms
39ms

Image
image/jpeg

194.163.150.165
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hitdu.com/wp-content/uploads/2022/11/Vaachaala-%E0%B7%80%E0%B7%8F%E0%B6%A0%E0%B7%8F%E0%B6%BD-Nira-x-Dhanuva-FT-Breezy-326x245.jpg
Requested by: Host: www.hitdu.com
URL: https://www.hitdu.com/
Protocol: HTTP/1.1
Server: 194.163.150.165 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi780189.contaboserver.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 497ab64139aea1bba561de10ef1878bd46a971d23bef7782c351aa758daf1cc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 03:12:21 GMT
Last-Modified: Sat, 26 Nov 2022 02:21:05 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "2a03-5ee564a54cb02"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 10755

Redirect headers

date: Thu, 19 Jan 2023 03:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://www.hitdu.com/wp-content/uploads/2022/11/Vaachaala-%E0%B7%80%E0%B7%8F%E0%B6%A0%E0%B7%8F%E0%B6%BD-Nira-x-Dhanuva-FT-Breezy-326x245.jpg
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-hhn-etou8220082-HHN

GET
H/1.1

200
OK

SHAN-PUTHA-X-MADUWA-Jadi-Mudi-326x245.jpg
www.hitdu.com/wp-content/uploads/2022/11/
Redirect Chain

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/11/SHAN-PUTHA-X-MADUWA-Jadi-Mudi-326x245.jpg?quality=100&f=auto
https://www.hitdu.com/wp-content/uploads/2022/11/SHAN-PUTHA-X-MADUWA-Jadi-Mudi-326x245.jpg

18 KB
18 KB

84ms
40ms

Image
image/jpeg

194.163.150.165
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hitdu.com/wp-content/uploads/2022/11/SHAN-PUTHA-X-MADUWA-Jadi-Mudi-326x245.jpg
Requested by: Host: www.hitdu.com
URL: https://www.hitdu.com/
Protocol: HTTP/1.1
Server: 194.163.150.165 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi780189.contaboserver.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 55c539b7c378ada3a217d999e8364ec8f1d83c0cbdd488dad4629feadd2b4253

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 03:12:21 GMT
Last-Modified: Sat, 26 Nov 2022 02:14:13 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "489c-5ee5631c90d46"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 18588

Redirect headers

date: Thu, 19 Jan 2023 03:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://www.hitdu.com/wp-content/uploads/2022/11/SHAN-PUTHA-X-MADUWA-Jadi-Mudi-326x245.jpg
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-hhn-etou8220082-HHN

GET
H/1.1

200
OK

Tum-Jo-Milo-Abhijeet-Srivastava-80x60.jpg
www.hitdu.com/wp-content/uploads/2022/11/
Redirect Chain

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/11/Tum-Jo-Milo-Abhijeet-Srivastava-80x60.jpg?quality=100&f=auto
https://www.hitdu.com/wp-content/uploads/2022/11/Tum-Jo-Milo-Abhijeet-Srivastava-80x60.jpg

2 KB
2 KB

126ms
40ms

Image
image/jpeg

194.163.150.165
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hitdu.com/wp-content/uploads/2022/11/Tum-Jo-Milo-Abhijeet-Srivastava-80x60.jpg
Requested by: Host: www.hitdu.com
URL: https://www.hitdu.com/
Protocol: HTTP/1.1
Server: 194.163.150.165 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi780189.contaboserver.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 019b3768e45c01944ad699b50e214cee74cc06c4f817781be825f9825e46d230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 03:12:21 GMT
Last-Modified: Wed, 23 Nov 2022 06:14:28 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "869-5ee1d33742e7d"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 2153

Redirect headers

date: Thu, 19 Jan 2023 03:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://www.hitdu.com/wp-content/uploads/2022/11/Tum-Jo-Milo-Abhijeet-Srivastava-80x60.jpg
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-hhn-etou8220082-HHN

GET
H/1.1

200
OK

Athin-Alla-%E0%B6%85%E0%B6%AD%E0%B7%92%E0%B6%B1%E0%B7%8A-%E0%B6%85%E0%B6%BD%E0%B7%8A%E0%B6%BD%E0%B7%8F-Madhu-Senadeera-80x60.jpg
www.hitdu.com/wp-content/uploads/2022/11/
Redirect Chain

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/11/Athin-Alla-%E0%B6%85%E0%B6%AD%E0%B7%92%E0%B6%B1%E0%B7%8A-%E0%B6%85%E0%B6%BD%E0%B7%8A%E0%B6%BD%E0%B7%8F-Madhu-Senadeera-80x60.j...
https://www.hitdu.com/wp-content/uploads/2022/11/Athin-Alla-%E0%B6%85%E0%B6%AD%E0%B7%92%E0%B6%B1%E0%B7%8A-%E0%B6%85%E0%B6%BD%E0%B7%8A%E0%B6%BD%E0%B7%8F-Madhu-Senadeera-80x60.jpg

3 KB
3 KB

127ms
41ms

Image
image/jpeg

194.163.150.165
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hitdu.com/wp-content/uploads/2022/11/Athin-Alla-%E0%B6%85%E0%B6%AD%E0%B7%92%E0%B6%B1%E0%B7%8A-%E0%B6%85%E0%B6%BD%E0%B7%8A%E0%B6%BD%E0%B7%8F-Madhu-Senadeera-80x60.jpg
Requested by: Host: www.hitdu.com
URL: https://www.hitdu.com/
Protocol: HTTP/1.1
Server: 194.163.150.165 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi780189.contaboserver.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 5109cc7862c350f8d920b8d08a0401fabc3bbd92b019b1561d0ebc458a5b1ae6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 03:12:21 GMT
Last-Modified: Wed, 23 Nov 2022 05:25:36 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "a31-5ee1c84b22db4"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2609

Redirect headers

date: Thu, 19 Jan 2023 03:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://www.hitdu.com/wp-content/uploads/2022/11/Athin-Alla-%E0%B6%85%E0%B6%AD%E0%B7%92%E0%B6%B1%E0%B7%8A-%E0%B6%85%E0%B6%BD%E0%B7%8A%E0%B6%BD%E0%B7%8F-Madhu-Senadeera-80x60.jpg
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-hhn-etou8220082-HHN

GET
H/1.1

200
OK

Kawadaka-Hari-danewi-%E0%B6%9A%E0%B7%80%E0%B6%AF%E0%B7%8F%E0%B6%9A-%E0%B7%84%E0%B6%BB%E0%B7%92-%E0%B6%AF%E0%B7%90%E0%B6%B1%E0%B7%9A%E0%B7%80%E0%B7%92-Koushi-Perera-80x60.jpg
www.hitdu.com/wp-content/uploads/2022/11/
Redirect Chain

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/11/Kawadaka-Hari-danewi-%E0%B6%9A%E0%B7%80%E0%B6%AF%E0%B7%8F%E0%B6%9A-%E0%B7%84%E0%B6%BB%E0%B7%92-%E0%B6%AF%E0%B7%90%E0%B6%B1%E0%...
https://www.hitdu.com/wp-content/uploads/2022/11/Kawadaka-Hari-danewi-%E0%B6%9A%E0%B7%80%E0%B6%AF%E0%B7%8F%E0%B6%9A-%E0%B7%84%E0%B6%BB%E0%B7%92-%E0%B6%AF%E0%B7%90%E0%B6%B1%E0%B7%9A%E0%B7%80%E0%B7%9...

2 KB
3 KB

158ms
39ms

Image
image/jpeg

194.163.150.165
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hitdu.com/wp-content/uploads/2022/11/Kawadaka-Hari-danewi-%E0%B6%9A%E0%B7%80%E0%B6%AF%E0%B7%8F%E0%B6%9A-%E0%B7%84%E0%B6%BB%E0%B7%92-%E0%B6%AF%E0%B7%90%E0%B6%B1%E0%B7%9A%E0%B7%80%E0%B7%92-Koushi-Perera-80x60.jpg
Requested by: Host: www.hitdu.com
URL: https://www.hitdu.com/
Protocol: HTTP/1.1
Server: 194.163.150.165 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi780189.contaboserver.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: c73152a3a3d397dba4196e9c577bcc6b59252f76dacf0c4186bb41613769b1fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 03:12:21 GMT
Last-Modified: Wed, 23 Nov 2022 05:20:35 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "9e3-5ee1c72c9d971"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2531

Redirect headers

date: Thu, 19 Jan 2023 03:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://www.hitdu.com/wp-content/uploads/2022/11/Kawadaka-Hari-danewi-%E0%B6%9A%E0%B7%80%E0%B6%AF%E0%B7%8F%E0%B6%9A-%E0%B7%84%E0%B6%BB%E0%B7%92-%E0%B6%AF%E0%B7%90%E0%B6%B1%E0%B7%9A%E0%B7%80%E0%B7%92-Koushi-Perera-80x60.jpg
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-hhn-etou8220082-HHN

GET
H/1.1

200
OK

Pana-Kete-%E0%B6%B4%E0%B6%AB-%E0%B6%9A%E0%B7%90%E0%B6%A7%E0%B7%9A-Rasika-Liyanarachchi-80x60.jpg
www.hitdu.com/wp-content/uploads/2022/11/
Redirect Chain

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/11/Pana-Kete-%E0%B6%B4%E0%B6%AB-%E0%B6%9A%E0%B7%90%E0%B6%A7%E0%B7%9A-Rasika-Liyanarachchi-80x60.jpg?quality=100&f=auto
https://www.hitdu.com/wp-content/uploads/2022/11/Pana-Kete-%E0%B6%B4%E0%B6%AB-%E0%B6%9A%E0%B7%90%E0%B6%A7%E0%B7%9A-Rasika-Liyanarachchi-80x60.jpg

3 KB
3 KB

150ms
40ms

Image
image/jpeg

194.163.150.165
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hitdu.com/wp-content/uploads/2022/11/Pana-Kete-%E0%B6%B4%E0%B6%AB-%E0%B6%9A%E0%B7%90%E0%B6%A7%E0%B7%9A-Rasika-Liyanarachchi-80x60.jpg
Requested by: Host: www.hitdu.com
URL: https://www.hitdu.com/
Protocol: HTTP/1.1
Server: 194.163.150.165 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi780189.contaboserver.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 0405c549d470e6b388d640fddf6615194b50ea21244f17d490a241bd3b4448a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 03:12:21 GMT
Last-Modified: Wed, 23 Nov 2022 05:16:46 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "a27-5ee1c6517ac4e"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 2599

Redirect headers

date: Thu, 19 Jan 2023 03:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://www.hitdu.com/wp-content/uploads/2022/11/Pana-Kete-%E0%B6%B4%E0%B6%AB-%E0%B6%9A%E0%B7%90%E0%B6%A7%E0%B7%9A-Rasika-Liyanarachchi-80x60.jpg
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-hhn-etou8220082-HHN

GET
H/1.1

200
OK

Dukak-Hithunanam-%E0%B6%AF%E0%B7%94%E0%B6%9A%E0%B6%9A%E0%B7%8A-%E0%B7%84%E0%B7%92%E0%B6%AD%E0%B7%94%E0%B6%B1%E0%B7%8F%E0%B6%B1%E0%B6%B8%E0%B7%8A-Isuri-Imalka-Dissanayaka-80x60.jpg
www.hitdu.com/wp-content/uploads/2022/11/
Redirect Chain

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/11/Dukak-Hithunanam-%E0%B6%AF%E0%B7%94%E0%B6%9A%E0%B6%9A%E0%B7%8A-%E0%B7%84%E0%B7%92%E0%B6%AD%E0%B7%94%E0%B6%B1%E0%B7%8F%E0%B6%B1...
https://www.hitdu.com/wp-content/uploads/2022/11/Dukak-Hithunanam-%E0%B6%AF%E0%B7%94%E0%B6%9A%E0%B6%9A%E0%B7%8A-%E0%B7%84%E0%B7%92%E0%B6%AD%E0%B7%94%E0%B6%B1%E0%B7%8F%E0%B6%B1%E0%B6%B8%E0%B7%8A-Isu...

3 KB
3 KB

127ms
42ms

Image
image/jpeg

194.163.150.165
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hitdu.com/wp-content/uploads/2022/11/Dukak-Hithunanam-%E0%B6%AF%E0%B7%94%E0%B6%9A%E0%B6%9A%E0%B7%8A-%E0%B7%84%E0%B7%92%E0%B6%AD%E0%B7%94%E0%B6%B1%E0%B7%8F%E0%B6%B1%E0%B6%B8%E0%B7%8A-Isuri-Imalka-Dissanayaka-80x60.jpg
Requested by: Host: www.hitdu.com
URL: https://www.hitdu.com/
Protocol: HTTP/1.1
Server: 194.163.150.165 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi780189.contaboserver.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 4bdf1c3bbedc463278f628c032cd4a7b104ad140437170bebbfd7111d6fc8325

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 03:12:21 GMT
Last-Modified: Wed, 23 Nov 2022 05:03:01 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "b4a-5ee1c33ee603c"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2890

Redirect headers

date: Thu, 19 Jan 2023 03:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://www.hitdu.com/wp-content/uploads/2022/11/Dukak-Hithunanam-%E0%B6%AF%E0%B7%94%E0%B6%9A%E0%B6%9A%E0%B7%8A-%E0%B7%84%E0%B7%92%E0%B6%AD%E0%B7%94%E0%B6%B1%E0%B7%8F%E0%B6%B1%E0%B6%B8%E0%B7%8A-Isuri-Imalka-Dissanayaka-80x60.jpg
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-hhn-etou8220082-HHN

GET
H/1.1

200
OK

Magene-Tu-Hi-Hai-MixTape-By-Maduu-FT-Jenu-80x60.jpg
www.hitdu.com/wp-content/uploads/2022/11/
Redirect Chain

https://cdn.statically.io/img/www.hitdu.com/wp-content/uploads/2022/11/Magene-Tu-Hi-Hai-MixTape-By-Maduu-FT-Jenu-80x60.jpg?quality=100&f=auto
https://www.hitdu.com/wp-content/uploads/2022/11/Magene-Tu-Hi-Hai-MixTape-By-Maduu-FT-Jenu-80x60.jpg

3 KB
3 KB

167ms
40ms

Image
image/jpeg

194.163.150.165
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hitdu.com/wp-content/uploads/2022/11/Magene-Tu-Hi-Hai-MixTape-By-Maduu-FT-Jenu-80x60.jpg
Requested by: Host: www.hitdu.com
URL: https://www.hitdu.com/
Protocol: HTTP/1.1
Server: 194.163.150.165 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi780189.contaboserver.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: c554dcbba1de28d99aa7bdc2070d021ee65987f1942961cd57742358400145ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 03:12:21 GMT
Last-Modified: Wed, 23 Nov 2022 04:46:21 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "c36-5ee1bf8597dc7"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3126

Redirect headers

date: Thu, 19 Jan 2023 03:12:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://www.hitdu.com/wp-content/uploads/2022/11/Magene-Tu-Hi-Hai-MixTape-By-Maduu-FT-Jenu-80x60.jpg
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-hhn-etou8220082-HHN

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 121ms
37ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-188465769-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 19 Jan 2023 02:26:10 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2771
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20085
expires: Thu, 19 Jan 2023 04:26:10 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 177 KB
66 KB 51ms
51ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NB8SC61W82&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-188465769-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ffb4e69cdb69f1acaa77badc87f1b66e9db5837935807e18a2a2b6f20b5993d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 67045
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 19 Jan 2023 03:12:21 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
346 B 142ms
44ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NB8SC61W82&gtm=2oe1i0&_p=40106581&gdid=dZTNiMT&cid=1413326883.1674097941&ul=en-us&sr=1600x1200&_s=1&sid=1674097941&sct=1&seg=0&dl=https%3A%2F%2Fwww.hitdu.com%2F&dt=Hitdu%20Music%20Official%20Sinhala%20Music%20Download&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NB8SC61W82&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 03:12:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hitdu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 44ms
44ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=40106581&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hitdu.com%2F&ul=en-us&de=UTF-8&dt=Hitdu%20Music%20Official%20Sinhala%20Music%20Download&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=1578714903&gjid=1701110489&cid=1413326883.1674097941&tid=UA-188465769-1&_gid=1466590602.1674097941&_r=1&_slc=1&gtm=2ou1i0&did=dZTNiMT&gdid=dZTNiMT&z=1852844790

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hitdu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 03:12:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hitdu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
438 B 138ms
47ms XHR
text/plain 2a00:1450:4025:401::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-188465769-1&cid=1413326883.1674097941&jid=1578714903&gjid=1701110489&_gid=1466590602.1674097941&_u=YCDACUAABAAAACAAI~&z=1257965794

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hitdu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 19 Jan 2023 03:12:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hitdu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/ 356 KB
117 KB 218ms
106ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6911964441712208&plah=www.hitdu.com&bust=31071635

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6911964441712208

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c297fe565cf2ef4f88e28cbad91c2bcc919ab2df69d47e03e16bed6275b758e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119922
x-xss-protection: 0
server: cafe
etag: 16941916500490711419
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 03:12:21 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230117/r20190131/ Frame C90A 10 KB
5 KB 201ms
54ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230117/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6911964441712208

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hitdu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5289
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 01:44:12 GMT
etag: 10353107486223812946
expires: Thu, 02 Feb 2023 01:44:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ca-pub-6911964441712208 Show response
fundingchoicesmessages.google.com/i/ 120 KB
42 KB 252ms
105ms Script
application/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-6911964441712208?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6911964441712208&plah=www.hitdu.com&bust=31071635

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4b9aa6c2331eff16eb21521d8acbe1f073bfce5c6a3a353b7f92c4b28bb6357c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iq9sIQLtFoTEkOKFnCyKWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-iq9sIQLtFoTEkOKFnCyKWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
695 B 129ms
46ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.hitdu.com&callback=_gfp_s_&client=ca-pub-6911964441712208&gpid_exp=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11dbc0d42a9693917d51a2ffbf57920517ca9a9150644f6a3694373b846304ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 222ms
77ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.hitdu.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 222ms
77ms Script
application/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.hitdu.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A888 160 KB
35 KB 311ms
311ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&adk=3826760629&adf=1341073466&lmt=1674097942&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=236x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fwww.hitdu.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097941551&bpp=2&bdt=558&idt=347&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5218503794227&frm=20&pv=2&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=747

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8da092d0b73c8ff6140036adbb9cc831f8e027d723799628c92591d04572f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hitdu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 36082
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 03:12:22 GMT
expires: Thu, 19 Jan 2023 03:12:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7272 436 B
380 B 232ms
231ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=200&slotname=3467181458&adk=1881471838&adf=2181430633&pi=t.ma~as.3467181458&w=1080&fwrn=4&lmt=1674097942&rafmt=11&format=1080x200&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097941551&bpp=2&bdt=557&idt=384&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=KC0r5cL8uM&p=https%3A//www.hitdu.com&dtd=751

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bda169ef240236d70dc7e9b6386c94a33ba3c544079bb5ca247384b892d66bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hitdu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 210
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 03:12:22 GMT
expires: Thu, 19 Jan 2023 03:12:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3876 436 B
411 B 161ms
160ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=408&slotname=3554660062&adk=601411425&adf=437541325&pi=t.ma~as.3554660062&w=326&lmt=1674097942&rafmt=11&format=326x408&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097941551&bpp=1&bdt=558&idt=385&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1080x200&nras=1&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=522&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=RfrPzLwaH3&p=https%3A//www.hitdu.com&dtd=753

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f24d08dc3e7375bf06acd5d78734fb39af8b084fb6c792cbfe116b1ee0c8468f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hitdu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 03:12:22 GMT
expires: Thu, 19 Jan 2023 03:12:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B4AD 436 B
381 B 175ms
175ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=408&slotname=3554660062&adk=4043508497&adf=2097402210&pi=t.ma~as.3554660062&w=326&lmt=1674097942&rafmt=11&format=326x408&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097941551&bpp=1&bdt=558&idt=386&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1080x200%2C326x408&nras=1&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=1615&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=gWMAjUiRfM&p=https%3A//www.hitdu.com&dtd=755

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87aeac888d6f9093832d07b58f8588d146247b8decdc3615d50a46b352a1471f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hitdu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 03:12:22 GMT
expires: Thu, 19 Jan 2023 03:12:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxUqMDpfzOz-6cMIDyx4jPYMGdFTFLMnAEh68pG184tjy_w6DX-TMmfeN6XZsfUfyOiCtA0ZhEw7NNGvJ3hhAVY= Show response
fundingchoicesmessages.google.com/f/ 4 KB
2 KB 102ms
101ms Script
application/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUqMDpfzOz-6cMIDyx4jPYMGdFTFLMnAEh68pG184tjy_w6DX-TMmfeN6XZsfUfyOiCtA0ZhEw7NNGvJ3hhAVY=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc0MDk3OTQyLDMxMDAwMDAwMF0sIjY3ODU0RDdCLTREQjYtNEIwRi1BMDFGLTdGNERFMjIyM0RBRSIsbnVsbCxudWxsLFtudWxsLFs3XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsdHJ1ZSx0cnVlXSwiaHR0cHM6Ly93d3cuaGl0ZHUuY29tLyIsbnVsbCxbWzgsIjB5dF92ZUdGel84Il0sWzksImRlIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.0yt_veGFz_8.es5.O/d=1/rs=AJlcJMwY8CM_TXPy89lRSavObnZ5CA7mGA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d9844dbef09c9f608570bed196bc2722932f11c0c44d5ea81635b13964889077

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-W3MEQUWlvjOtcZbt4VzLTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-W3MEQUWlvjOtcZbt4VzLTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXiXed83WnSfwmgAi4WkbvZK0ncu95uBDiNAczq4Sih595gVAhialphSI4BzUl56VuJsJxO0Bh4DiAd9Z7kXlE= Show response
fundingchoicesmessages.google.com/el/ 0
28 B 198ms
86ms XHR
text/html 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXiXed83WnSfwmgAi4WkbvZK0ncu95uBDiNAczq4Sih595gVAhialphSI4BzUl56VuJsJxO0Bh4DiAd9Z7kXlE=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-byMx06HZ5WXJFMphVfEn-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.hitdu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 19 Jan 2023 03:12:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-byMx06HZ5WXJFMphVfEn-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.hitdu.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUVUfGfrwWWkkNgj0GHjr3G44-v6FgaH-KAaW93oM8WnnuIrO8C5f5kLo6-468wAVAzbUCa4Wc13YKkRL9lWnffTpMrPtzO4UN5rLNrevU5Ggdx4a0DNkLyOWmTK__SXmCX6XGFow== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 122ms
122ms Script
application/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUVUfGfrwWWkkNgj0GHjr3G44-v6FgaH-KAaW93oM8WnnuIrO8C5f5kLo6-468wAVAzbUCa4Wc13YKkRL9lWnffTpMrPtzO4UN5rLNrevU5Ggdx4a0DNkLyOWmTK__SXmCX6XGFow==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc0MDk3OTQyLDQyMjAwMDAwMF0sIjY3ODU0RDdCLTREQjYtNEIwRi1BMDFGLTdGNERFMjIyM0RBRSIsbnVsbCxudWxsLFtudWxsLFs3LDEwXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMSwxXSwiaHR0cHM6Ly93d3cuaGl0ZHUuY29tLyIsbnVsbCxbWzgsIjB5dF92ZUdGel84Il0sWzksImRlIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

005f556fdbe51787694dd69c6083c35ef4ec56722f8920aef5303d08a3c5b2f4

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-BZztndRLft1sQ2Ht17P8dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-BZztndRLft1sQ2Ht17P8dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/ 151 KB
51 KB 87ms
87ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/reactive_library_fy2021.js?bust=31071635

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c06114343d27abeac82f3a448721e9bf5244a585c72948e3b4425fd4cb531d25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52383
x-xss-protection: 0
server: cafe
etag: 10849042553980095614
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 03:12:22 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 79ms
77ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.hitdu.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 80ms
79ms Script
application/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.hitdu.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 35B5 31 KB
12 KB 299ms
299ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=250&adk=3506465449&adf=2218735691&pi=t.aa~a.3293720632~rp.1&w=326&fwrn=4&fwrnh=100&lmt=1674097942&rafmt=1&to=qs&pwprc=6498234271&format=326x250&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097942687&bpp=1&bdt=1694&idt=-M&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f243659c01639e1-22f1c6dc54db002f%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA&gpic=UID%3D00000ba4d626f08e%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg&prev_fmts=0x0%2C1080x200%2C326x408%2C326x408&nras=2&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=1615&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=G9eutrFt9M&p=https%3A//www.hitdu.com&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd7ccad7850a8f186ed43d9f0f46ee1eb2c42a05073ea615ee64c147abc710b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hitdu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 12457
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 03:12:22 GMT
expires: Thu, 19 Jan 2023 03:12:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 888F 31 KB
12 KB 327ms
327ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=250&adk=3506465449&adf=4255998660&pi=t.aa~a.3304678886~rp.4&w=326&fwrn=4&fwrnh=100&lmt=1674097942&rafmt=1&to=qs&pwprc=6498234271&format=326x250&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097942687&bpp=1&bdt=1693&idt=-M&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f243659c01639e1-22f1c6dc54db002f%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA&gpic=UID%3D00000ba4d626f08e%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg&prev_fmts=0x0%2C1080x200%2C326x408%2C326x408%2C326x250&nras=3&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=2752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=skATprfpxI&p=https%3A//www.hitdu.com&dtd=14

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55b6de495183440f6be045eced6fc0a6bb05c58c15a6d8b8dbd9aea34849cbc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hitdu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 12599
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 03:12:22 GMT
expires: Thu, 19 Jan 2023 03:12:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AA3A 31 KB
12 KB 217ms
217ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=60&adk=1102246663&adf=4276601049&pi=t.aa~a.650443173~rp.2&w=502&fwrn=4&fwrnh=100&lmt=1674097942&rafmt=1&to=qs&pwprc=6498234271&format=502x60&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097942687&bpp=1&bdt=1694&idt=0&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f243659c01639e1-22f1c6dc54db002f%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA&gpic=UID%3D00000ba4d626f08e%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg&prev_fmts=0x0%2C1080x200%2C326x408%2C326x408%2C326x250%2C326x250&nras=4&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=S5Q66mUneO&p=https%3A//www.hitdu.com&dtd=17

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9573570decf772301f833e2c392ee8176e8004cbd4483a0d58cbff535e51963f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hitdu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 12605
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 03:12:22 GMT
expires: Thu, 19 Jan 2023 03:12:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/ Frame B4D5 10 KB
4 KB 55ms
55ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hitdu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3095
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 02:20:47 GMT
etag: 10353107486223812946
expires: Thu, 02 Feb 2023 02:20:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame B4D5 4 KB
732 B 78ms
77ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 19 Jan 2023 03:12:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 02:03:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Jan 2023 03:12:22 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B4D5 205 B
296 B 140ms
40ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 23:55:38 GMT
x-content-type-options: nosniff
age: 11804
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 18 Jan 2024 23:55:38 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B4D5 604 B
1 KB 139ms
39ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 00:07:09 GMT
x-content-type-options: nosniff
age: 11113
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 19 Jan 2024 00:07:09 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/elements/html/ Frame B4D5 19 KB
8 KB 204ms
54ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daf99211008f6684b4aaa4daafa6832cf05ccd99f5910f48f6467a5c1ea08197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 04:55:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80213
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8191
x-xss-protection: 0
server: cafe
etag: 7335088802737092762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 04:55:30 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DD56 0
0 105ms
105ms Fetch
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYWvhFrXIY8rqLeH33wPLj6a4BJDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTY5MTE5NjQ0NDE3MTIyMDjIAQmpAj5PGK7wGrI-qAMBqgS8AU_QzudXc0vLPRUwAz-rEVp3YbQ5oCzw8Bz5AubV5kUihvLiot1HxkVXOoi9gGq5lExA1dR4srMepDMPDnM_OSyKfNGBXS6CM4ucGeSvV9Qf8uZ09V0-Qs08XzmMwpfl8rIQdFOfI_FDzlp23sjhGyNfrw6FJH1_bnufjgabpXftT067HXWZHkb5Q7YmoB1Hi-2vGfLe9oL4d7Xxwh1Ij1_gs9VF2peo0pKOrJfrwMCEdGg9lj4xsa-l9qEQgAbAi8bAzNaNur0BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi02OTExOTY0NDQxNzEyMjA4GAA&sigh=VyWHlcVeF_Q&uach_m=[UACH]&cid=CAQSOwDq26N9Uz7wUW8HuJa_4PFbddtuWpiqZueMv1BKcuT8uHTJkB1ibfP2rZwkoZqyRnU2c29hf5AWLiNHGAEgEw

Requested by

Host: www.hitdu.com
URL: https://www.hitdu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=60&adk=1102246663&adf=4276601049&pi=t.aa~a.650443173~rp.2&w=502&fwrn=4&fwrnh=100&lmt=1674097942&rafmt=1&to=qs&pwprc=6498234271&format=502x60&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097942687&bpp=1&bdt=1694&idt=0&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f243659c01639e1-22f1c6dc54db002f%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA&gpic=UID%3D00000ba4d626f08e%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg&prev_fmts=0x0%2C1080x200%2C326x408%2C326x408%2C326x250%2C326x250&nras=4&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=S5Q66mUneO&p=https%3A//www.hitdu.com&dtd=17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 19 Jan 2023 03:12:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame DD56 0
0 143ms
48ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gzjsv3tdnbsbz794v8cqse2xqzfj325dx2edcj1w4hjnmhmdr8s59rv142a7ce6fsmwenxcvrhjnz0gsv8gkck6tr9m8558byd3587neeer5fv8eff95r2wmngbpe7gd0sga34kvh2rj85vv3rkwajbprhbrx5ypzrmmbmye56xw13fhhz8ggr693wdv8v6vsy8e9t1kakjkg341606dgnwvmzgmacqx083nen2rvqs4ggtwysztk6a3gy3v43ts4h1ygvb812hm7rjems64p3jyqqr5tg2q6432a4hvn3c3qqax20hz7x69nqn47bb2s6tsepjzbep1q9ch7t6045c80jtpdjfq6hxvbk2cmga6x5ew18nyb5mnmj2m9vf506x562gpg&b=Y8i1FgALdUoKd_vhAAmHy6q_1ZhTzcLN6WxU3A
Requested by: Host: www.hitdu.com
URL: https://www.hitdu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 19 Jan 2023 03:12:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 4627 2 KB
3 KB 149ms
56ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hntzbw84z0q3mjszdxz2307k4f5bz4v9t5f6622k0wz2vycm99v0n6xjy63dhhq090rrb1jz2n3canyxj8tqjm0k65x1zt6d3e1khtaqwsa2hzv2y2da3cj1cszwkmakex51y9ghf0sc4md9qwn5g3a6dsf7a1v72a6s6cfj483a2rc2ywvfyx8venjngsr2v837nf63db9cna616knq5ehq5cax2bmqz79h0g6hv2kryr4fk5d4bgcff9m98nxkx0rdd3paxgys52dwbmbcejaagne0sfwsyh07x4ppajznnvkd6dtaf949dwmcmg8k2ka72a1qxdzqe8zgxz0mhg8x8a3etnhgkgnzd99fgbemg074v0c0s9hp3j6vgby6knwbq4r2wjysakem6076btzdc3236n7ftp8ewp2sfetkshs&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg8JiFrXIY8rqLeH33wPLj6a4BJDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTY5MTE5NjQ0NDE3MTIyMDjIAQmpAj5PGK7wGrI-qAMBqgS_AU_QzudXc0vLPRUwAz-rEVp3YbQ5oCzw8Bz5AubV5kUihvLiot1HxkVXOoi9gGq5lExA1dR4srMepDMPDnM_OSyKfNGBXS6CM4ucGeSvV9Qf8uZ09V0-Qs08XzmMwpfl8rIQdFOfI_FDzlp23sjhGyNfrw6FJH1_bnufjgabpXftT067HXWZHkb5Q7YmoB1Hi-2vGfLe9sD6VicmO5oIR9ioJQ8MSGWRxpgjprnzHUBGPfrFAiAdqXp5aeHYAICrgAbAi8bAzNaNur0BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2_iDVHIIlmg2OnQd3yRnf1YALGwQ%26client%3Dca-pub-6911964441712208%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=60&adk=1102246663&adf=4276601049&pi=t.aa~a.650443173~rp.2&w=502&fwrn=4&fwrnh=100&lmt=1674097942&rafmt=1&to=qs&pwprc=6498234271&format=502x60&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097942687&bpp=1&bdt=1694&idt=0&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f243659c01639e1-22f1c6dc54db002f%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA&gpic=UID%3D00000ba4d626f08e%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg&prev_fmts=0x0%2C1080x200%2C326x408%2C326x408%2C326x250%2C326x250&nras=4&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=S5Q66mUneO&p=https%3A//www.hitdu.com&dtd=17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

479acc77ce8c0a5bd6e5c752dfc599805874576239d0a4e536f453914a3b3697

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 78bc63701917927d-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 03:12:23 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/ Frame DD56 3 KB
1 KB 177ms
122ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 18:18:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32058
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 18:18:05 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AD4C 1 KB
643 B 58ms
56ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74442
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 06:31:40 GMT
etag: 48472445140208031
expires: Thu, 19 Jan 2023 06:31:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/ Frame DD56 18 KB
7 KB 164ms
111ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 18:18:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32058
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7515
x-xss-protection: 0
server: cafe
etag: 5914713042212191929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 18:18:05 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame DD56 0
0 210ms
76ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTX3zbm5vHBDZoklZ0bgShIQy_YfAn_vYjvNwksw3KAGbm9-95GM2maUEntOdt8vDthEunX48E8lWLhSJ24keyi_z5HRQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=60&adk=1102246663&adf=4276601049&pi=t.aa~a.650443173~rp.2&w=502&fwrn=4&fwrnh=100&lmt=1674097942&rafmt=1&to=qs&pwprc=6498234271&format=502x60&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097942687&bpp=1&bdt=1694&idt=0&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f243659c01639e1-22f1c6dc54db002f%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA&gpic=UID%3D00000ba4d626f08e%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg&prev_fmts=0x0%2C1080x200%2C326x408%2C326x408%2C326x250%2C326x250&nras=4&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=S5Q66mUneO&p=https%3A//www.hitdu.com&dtd=17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DD56 157 KB
48 KB 200ms
101ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 Jan 2023 03:12:23 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame BCE8 8 KB
895 B 79ms
79ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 19 Jan 2023 03:12:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 02:01:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Jan 2023 03:12:22 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/ Frame BCE8 2 KB
846 B 156ms
120ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 18:45:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30434
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 18:45:09 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/ Frame BCE8 22 KB
9 KB 95ms
61ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 19:16:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28548
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8872
x-xss-protection: 0
server: cafe
etag: 4731094640903799552
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 19:16:35 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/ Frame BCE8 3 KB
1 KB 153ms
119ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 18:18:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32058
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 18:18:05 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/ Frame BCE8 18 KB
7 KB 104ms
70ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 18:18:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32058
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7515
x-xss-protection: 0
server: cafe
etag: 5914713042212191929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 18:18:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BCE8 157 KB
49 KB 127ms
47ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 Jan 2023 03:12:23 GMT

GET
H2 200 4486906364f6b2babc33c791099553dd.js Show response
www.gstatic.com/mysidia/ Frame BCE8 33 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4486906364f6b2babc33c791099553dd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da18ca5c0fcbb13b7cbcc303389199c34093913017249f2a8ba9a2f27049890a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 04:32:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 513599
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14016
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 04:15:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 13 Apr 2023 04:32:23 GMT

GET
H2 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/ Frame 35B5 7 KB
3 KB 114ms
114ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/error_handler.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=250&adk=3506465449&adf=2218735691&pi=t.aa~a.3293720632~rp.1&w=326&fwrn=4&fwrnh=100&lmt=1674097942&rafmt=1&to=qs&pwprc=6498234271&format=326x250&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097942687&bpp=1&bdt=1694&idt=-M&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f243659c01639e1-22f1c6dc54db002f%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA&gpic=UID%3D00000ba4d626f08e%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg&prev_fmts=0x0%2C1080x200%2C326x408%2C326x408&nras=2&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=1615&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=G9eutrFt9M&p=https%3A//www.hitdu.com&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f26ccd4e8b025d912f8fc717147c83f61888ade088fb1b2c62f67537e6e4cb46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 02:17:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3136
x-xss-protection: 0
server: cafe
etag: 5752131211420753933
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Feb 2023 02:17:47 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame AD4C
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENnpKdA5tEjiTBR8ExBqLYA&google_cver=1&google_push=AavPq0NjZuu63D02hbkzQkVFkwuGrIEdDsVuCrL7csTcseiXyoA7sTh3REsJ0cjAa6aAW-ms19PUEN0bEKI...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0NjZuu63D02hbkzQkVFkwuGrIEdDsVuCrL7csTcseiXyoA7sTh3REsJ0cjAa6aAW-ms19PUEN0bEKIC-sgEQa0aQNnY6AUrovs&google_hm=AMP9MtbORWacQmHNw...

170 B
232 B

48ms
47ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0NjZuu63D02hbkzQkVFkwuGrIEdDsVuCrL7csTcseiXyoA7sTh3REsJ0cjAa6aAW-ms19PUEN0bEKIC-sgEQa0aQNnY6AUrovs&google_hm=AMP9MtbORWacQmHNw1UdGW0

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 03:12:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Jan 2023 03:12:22 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0NjZuu63D02hbkzQkVFkwuGrIEdDsVuCrL7csTcseiXyoA7sTh3REsJ0cjAa6aAW-ms19PUEN0bEKIC-sgEQa0aQNnY6AUrovs&google_hm=AMP9MtbORWacQmHNw1UdGW0
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame AD4C
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPnkFr9qiFk3SUsIBCsNdII&google_cver=1&google_push=AavPq0Owpn92tkF7rC22_Ae8qUgyvzlt1MuysZz5fuDq_tHGi12MOXIjBQUxyEplfMsp3fu7I86wO3LfGCYE1SimT99C...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEPnkFr9qiFk3SUsIBCsNdII&google_cver=1&google_push=AavPq0Owpn92tkF7rC22_Ae8qUgyvzlt1MuysZz5fuDq_tHGi12MOXIjBQUxyEplfMsp3fu7I86wO3LfGCYE1S...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0Owpn92tkF7rC22_Ae8qUgyvzlt1MuysZz5fuDq_tHGi12MOXIjBQUxyEplfMsp3fu7I86wO3LfGCYE1SimT99CfWG8zc2r_0g&google_hm=JY-hIQW6TdeYBivaxAb9...

170 B
232 B

48ms
48ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0Owpn92tkF7rC22_Ae8qUgyvzlt1MuysZz5fuDq_tHGi12MOXIjBQUxyEplfMsp3fu7I86wO3LfGCYE1SimT99CfWG8zc2r_0g&google_hm=JY-hIQW6TdeYBivaxAb9bQ==

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 03:12:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0Owpn92tkF7rC22_Ae8qUgyvzlt1MuysZz5fuDq_tHGi12MOXIjBQUxyEplfMsp3fu7I86wO3LfGCYE1SimT99CfWG8zc2r_0g&google_hm=JY-hIQW6TdeYBivaxAb9bQ==
date: Thu, 19 Jan 2023 03:12:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD4C
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKKt689WLDyzK-oXy77tb0k&google_cver=1&google_push=AavPq0OXAg1DrQ3sAXYuSur1kDyq5dok6b_rF_gQk-4MbULXN5xMqjvIsEQ2ii1y589is7GUHrpTnAMUwr1IIm5fKqO0YIy...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OXAg1DrQ3sAXYuSur1kDyq5dok6b_rF_gQk-4MbULXN5xMqjvIsEQ2ii1y589is7GUHrpTnAMUwr1IIm5fKqO0YIyvK8sBjA&google_hm=eS1qczN4SDNwRTJwRVRM...

170 B
188 B

47ms
46ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OXAg1DrQ3sAXYuSur1kDyq5dok6b_rF_gQk-4MbULXN5xMqjvIsEQ2ii1y589is7GUHrpTnAMUwr1IIm5fKqO0YIyvK8sBjA&google_hm=eS1qczN4SDNwRTJwRVRMM0FHSGhLNndxel9VUWpmTVpHRH5B

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 03:12:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 19 Jan 2023 03:12:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OXAg1DrQ3sAXYuSur1kDyq5dok6b_rF_gQk-4MbULXN5xMqjvIsEQ2ii1y589is7GUHrpTnAMUwr1IIm5fKqO0YIyvK8sBjA&google_hm=eS1qczN4SDNwRTJwRVRMM0FHSGhLNndxel9VUWpmTVpHRH5B
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame AD4C 43 B
350 B 163ms
49ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEG8_jbiUswElaR56JwtsChw&google_cver=1&google_push=AavPq0Ph1k2Zdue-ASRtTMbt87Bo1grA0YNXI6nbnT75T1ohHRa9ezTKjDrW13Ji0XNZ4-sS_SQIAq4y6LlyOPouadiXr9iJkrpPBrw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=60&adk=1102246663&adf=4276601049&pi=t.aa~a.650443173~rp.2&w=502&fwrn=4&fwrnh=100&lmt=1674097942&rafmt=1&to=qs&pwprc=6498234271&format=502x60&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097942687&bpp=1&bdt=1694&idt=0&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f243659c01639e1-22f1c6dc54db002f%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA&gpic=UID%3D00000ba4d626f08e%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg&prev_fmts=0x0%2C1080x200%2C326x408%2C326x408%2C326x250%2C326x250&nras=4&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=S5Q66mUneO&p=https%3A//www.hitdu.com&dtd=17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 03:12:22 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 89a18hjnjoha1ne7ir1m6mqsnsui0c5f

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD4C
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=K-tLIcpCS0eI7ERFhVcwcw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

47ms
47ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=K-tLIcpCS0eI7ERFhVcwcw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0NqDXV5ep37wIldevm4d3xT8iVlLWKaWn43ph4LS8rnuEsMw_Zx3lbPjlGZw1qK__HeNT5NKtmtoObEdSoil5IWl4wG6k4vod0

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 03:12:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=K-tLIcpCS0eI7ERFhVcwcw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0NqDXV5ep37wIldevm4d3xT8iVlLWKaWn43ph4LS8rnuEsMw_Zx3lbPjlGZw1qK__HeNT5NKtmtoObEdSoil5IWl4wG6k4vod0
date: Thu, 19 Jan 2023 03:12:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame AD4C
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFUE4cdft6RbHfP1O03UREc&google_cver=1&google_push=AavPq0MpCN0cEI2YbzqryKdartj6JGXCg73xe_rVfq4wr7T1UDIjDoKZRRc5QV2dcZaBtHKn1uoseCBnAvIz...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0MpCN0cEI2YbzqryKdartj6JGXCg73xe_rVfq4wr7T1UDIjDoKZRRc5QV2dcZaBtHKn1uoseCBnAvIzGmRdvlGisBrL3A5EQw

170 B
329 B

47ms
47ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0MpCN0cEI2YbzqryKdartj6JGXCg73xe_rVfq4wr7T1UDIjDoKZRRc5QV2dcZaBtHKn1uoseCBnAvIzGmRdvlGisBrL3A5EQw

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 03:12:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0MpCN0cEI2YbzqryKdartj6JGXCg73xe_rVfq4wr7T1UDIjDoKZRRc5QV2dcZaBtHKn1uoseCBnAvIzGmRdvlGisBrL3A5EQw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame AD4C
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJIB7nwbZ...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJI...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=258fa121-05ba-4dd7-9806-2bdac406fd6d&%%GOOGLE_PUSH_PAIR%%

170 B
232 B

48ms
47ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=258fa121-05ba-4dd7-9806-2bdac406fd6d&%%GOOGLE_PUSH_PAIR%%

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 03:12:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=258fa121-05ba-4dd7-9806-2bdac406fd6d&%%GOOGLE_PUSH_PAIR%%
date: Thu, 19 Jan 2023 03:12:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame AD4C 0
40 B 165ms
45ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LUTvCMffjJUpS_NlcbCIMeegq8GEgJgryqCJ1eXtvM9mNPcJMIOi8_EPnFoM920Dkl83Vbkg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2948 0
0 99ms
98ms Fetch
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CC3fvFrXIY5HnLdPt3wOWw6ywBpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTY5MTE5NjQ0NDE3MTIyMDjIAQmpAj5PGK7wGrI-qAMBqgS9AU_QbJoKzDFXt77WXxDfewcfdG2yNAJTyDs1IfwptfOokSwA925yo6j-A2YdcDjzN-IS6OOdYBKU6m6iTEWrbIkg1km5lwTnmzD3ZmNMi1oFZaSF0OHLv0hx2tZyoh2jNGNEWZnkF4aomAt--qZX4iV85EmiJ8OlXZFWeR2oxrm_MqkgMr--5mYt0TRL47LNXx6k4KOwK9UjqQuf-ZGTCea0S5cU4fJHEcHhfQ_azxDRKX90fsCVuwTM5x1Y4IAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi02OTExOTY0NDQxNzEyMjA4GAA&sigh=zLeZLumjBOw&uach_m=[UACH]&cid=CAQSOwDq26N9iFY4pTd40qKxNVh0vMeJS020MQhqwfRkDrUFu6DxglBbZluLRqzeSf9lS5_l4gPB2VNZrKeKGAEgEw

Requested by

Host: www.hitdu.com
URL: https://www.hitdu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=250&adk=3506465449&adf=4255998660&pi=t.aa~a.3304678886~rp.4&w=326&fwrn=4&fwrnh=100&lmt=1674097942&rafmt=1&to=qs&pwprc=6498234271&format=326x250&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097942687&bpp=1&bdt=1693&idt=-M&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f243659c01639e1-22f1c6dc54db002f%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA&gpic=UID%3D00000ba4d626f08e%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg&prev_fmts=0x0%2C1080x200%2C326x408%2C326x408%2C326x250&nras=3&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=2752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=skATprfpxI&p=https%3A//www.hitdu.com&dtd=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 19 Jan 2023 03:12:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 2948 0
0 49ms
45ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kcwb40ey88mrrfz218k22dmfs3prek0jxgjqjhfbm7j90390eh4jcty8qqejg5asbcs6eqvv000mmv4swwxf11t8q0035z1jzdvad0tq3r2pczdj2r4dzt75ddz4vk5kc3apecxrq02vv7jh7d3kvzk0anwvd8ymw5qxsv6s3d6kc67b0chgfvzzsvx8y4csgjq9kmygvrxwc317j0m3jb0h9xv3pk27t40hnav3axsz4x007728y5x2bc75pr83cgr3501fzbcz6yweygzxsk6r40dbrdpf0zm8pcj193cs508x5vq070avmwex6p42ap9n595zchvvb3dca6kb0dx6cw55h7pjryjmfftcrw7zepyn0sh8q7t7maw64qz3r5f814hqc&b=Y8i1FgALc5EKd_bTAAshlquluI5f7a0E2eRY1Q
Requested by: Host: www.hitdu.com
URL: https://www.hitdu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 19 Jan 2023 03:12:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame EC10 2 KB
1 KB 58ms
56ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1h9phnrg76vh3n5cm10jkv8tmfqmgr8g1jpv9pcbp9vggttp8q72pz87djrj806v12p1p3c074mcen3hetx9mw2qbe0f2w4enjz572hpe0k5v8ek4tmx03abpmvhq78hqjn0zy0s3624sk7z13xwqgvx0yvyrpscas70nebkv41yefhcd4s0ca7jv2bwy7sq8nq1nbrynzg7tjjw683qz4h22wfxffeq8ys6bmfj2ctfzq9pw0tfrzmbsaf3cq20byewetzsnerhvn42ppjan9njbsr50mb0bxca4v9cyda44j03hhd5ke0dh24qtsmvsh35bhrnq9ms310q9n9q226qd8eza9xpnn9gm8zbtd0nt7rjw2ksbt9y79nhms0j4pwkkt1akrqsajyjebkn2ra1pqqq27tg2w353vkshj25yfj0yb7ag&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3mTlFrXIY5HnLdPt3wOWw6ywBpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTY5MTE5NjQ0NDE3MTIyMDjIAQmpAj5PGK7wGrI-qAMBqgTAAU_QbJoKzDFXt77WXxDfewcfdG2yNAJTyDs1IfwptfOokSwA925yo6j-A2YdcDjzN-IS6OOdYBKU6m6iTEWrbIkg1km5lwTnmzD3ZmNMi1oFZaSF0OHLv0hx2tZyoh2jNGNEWZnkF4aomAt--qZX4iV85EmiJ8OlXZFWeR2oxrm_MqkgMr--5mYt0TRL47LNXx6k4KOwK9VhqyoNLmgUSS4zAwHOqGC1KNXr0AX0181R6zbmhlSLlxwZO4IYKGlUJoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1tfEVPS0bCVQhHfqpdQMWpZNHTRw%26client%3Dca-pub-6911964441712208%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=250&adk=3506465449&adf=4255998660&pi=t.aa~a.3304678886~rp.4&w=326&fwrn=4&fwrnh=100&lmt=1674097942&rafmt=1&to=qs&pwprc=6498234271&format=326x250&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097942687&bpp=1&bdt=1693&idt=-M&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f243659c01639e1-22f1c6dc54db002f%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA&gpic=UID%3D00000ba4d626f08e%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg&prev_fmts=0x0%2C1080x200%2C326x408%2C326x408%2C326x250&nras=3&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=2752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=skATprfpxI&p=https%3A//www.hitdu.com&dtd=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b3f9e746fc9e16614032c323fe39cdb7e582c2ab0969945001f1c9370a911a1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 78bc63702930927d-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 03:12:23 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/ Frame 2948 3 KB
1 KB 73ms
70ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=250&adk=3506465449&adf=4255998660&pi=t.aa~a.3304678886~rp.4&w=326&fwrn=4&fwrnh=100&lmt=1674097942&rafmt=1&to=qs&pwprc=6498234271&format=326x250&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097942687&bpp=1&bdt=1693&idt=-M&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f243659c01639e1-22f1c6dc54db002f%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA&gpic=UID%3D00000ba4d626f08e%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg&prev_fmts=0x0%2C1080x200%2C326x408%2C326x408%2C326x250&nras=3&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=2752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=skATprfpxI&p=https%3A//www.hitdu.com&dtd=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 18:18:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32058
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 18:18:05 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5A4E 1 KB
643 B 56ms
54ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=250&adk=3506465449&adf=4255998660&pi=t.aa~a.3304678886~rp.4&w=326&fwrn=4&fwrnh=100&lmt=1674097942&rafmt=1&to=qs&pwprc=6498234271&format=326x250&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097942687&bpp=1&bdt=1693&idt=-M&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f243659c01639e1-22f1c6dc54db002f%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA&gpic=UID%3D00000ba4d626f08e%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg&prev_fmts=0x0%2C1080x200%2C326x408%2C326x408%2C326x250&nras=3&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=2752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=skATprfpxI&p=https%3A//www.hitdu.com&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74443
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 06:31:40 GMT
etag: 48472445140208031
expires: Thu, 19 Jan 2023 06:31:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/ Frame 2948 18 KB
7 KB 72ms
70ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=250&adk=3506465449&adf=4255998660&pi=t.aa~a.3304678886~rp.4&w=326&fwrn=4&fwrnh=100&lmt=1674097942&rafmt=1&to=qs&pwprc=6498234271&format=326x250&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097942687&bpp=1&bdt=1693&idt=-M&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f243659c01639e1-22f1c6dc54db002f%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA&gpic=UID%3D00000ba4d626f08e%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg&prev_fmts=0x0%2C1080x200%2C326x408%2C326x408%2C326x250&nras=3&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=2752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=skATprfpxI&p=https%3A//www.hitdu.com&dtd=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 18:18:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32058
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7515
x-xss-protection: 0
server: cafe
etag: 5914713042212191929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 18:18:05 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2948 0
0 100ms
76ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRv1D9AFaCvVSjcNTcb-F1YcaVW4y4LKAbxXHY-5UUhAyCEv7dAi8HYUfAn2m3htt3hnEY54FDvZiQyN7e9-q9xLfXKhg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=250&adk=3506465449&adf=4255998660&pi=t.aa~a.3304678886~rp.4&w=326&fwrn=4&fwrnh=100&lmt=1674097942&rafmt=1&to=qs&pwprc=6498234271&format=326x250&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097942687&bpp=1&bdt=1693&idt=-M&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f243659c01639e1-22f1c6dc54db002f%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA&gpic=UID%3D00000ba4d626f08e%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg&prev_fmts=0x0%2C1080x200%2C326x408%2C326x408%2C326x250&nras=3&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=2752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=skATprfpxI&p=https%3A//www.hitdu.com&dtd=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2948 157 KB
48 KB 122ms
120ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=250&adk=3506465449&adf=4255998660&pi=t.aa~a.3304678886~rp.4&w=326&fwrn=4&fwrnh=100&lmt=1674097942&rafmt=1&to=qs&pwprc=6498234271&format=326x250&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097942687&bpp=1&bdt=1693&idt=-M&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f243659c01639e1-22f1c6dc54db002f%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA&gpic=UID%3D00000ba4d626f08e%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg&prev_fmts=0x0%2C1080x200%2C326x408%2C326x408%2C326x250&nras=3&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=2752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=skATprfpxI&p=https%3A//www.hitdu.com&dtd=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 Jan 2023 03:12:23 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 010C 143 B
166 B 56ms
55ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 02:32:11 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.28/one-ad/ Frame 4627 90 KB
11 KB 50ms
49ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hntzbw84z0q3mjszdxz2307k4f5bz4v9t5f6622k0wz2vycm99v0n6xjy63dhhq090rrb1jz2n3canyxj8tqjm0k65x1zt6d3e1khtaqwsa2hzv2y2da3cj1cszwkmakex51y9ghf0sc4md9qwn5g3a6dsf7a1v72a6s6cfj483a2rc2ywvfyx8venjngsr2v837nf63db9cna616knq5ehq5cax2bmqz79h0g6hv2kryr4fk5d4bgcff9m98nxkx0rdd3paxgys52dwbmbcejaagne0sfwsyh07x4ppajznnvkd6dtaf949dwmcmg8k2ka72a1qxdzqe8zgxz0mhg8x8a3etnhgkgnzd99fgbemg074v0c0s9hp3j6vgby6knwbq4r2wjysakem6076btzdc3236n7ftp8ewp2sfetkshs&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg8JiFrXIY8rqLeH33wPLj6a4BJDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTY5MTE5NjQ0NDE3MTIyMDjIAQmpAj5PGK7wGrI-qAMBqgS_AU_QzudXc0vLPRUwAz-rEVp3YbQ5oCzw8Bz5AubV5kUihvLiot1HxkVXOoi9gGq5lExA1dR4srMepDMPDnM_OSyKfNGBXS6CM4ucGeSvV9Qf8uZ09V0-Qs08XzmMwpfl8rIQdFOfI_FDzlp23sjhGyNfrw6FJH1_bnufjgabpXftT067HXWZHkb5Q7YmoB1Hi-2vGfLe9sD6VicmO5oIR9ioJQ8MSGWRxpgjprnzHUBGPfrFAiAdqXp5aeHYAICrgAbAi8bAzNaNur0BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2_iDVHIIlmg2OnQd3yRnf1YALGwQ%26client%3Dca-pub-6911964441712208%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc78d0ae04e90f166274e27a8af76d6a676cbf360f682f3993ef4b453ee5d598

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hntzbw84z0q3mjszdxz2307k4f5bz4v9t5f6622k0wz2vycm99v0n6xjy63dhhq090rrb1jz2n3canyxj8tqjm0k65x1zt6d3e1khtaqwsa2hzv2y2da3cj1cszwkmakex51y9ghf0sc4md9qwn5g3a6dsf7a1v72a6s6cfj483a2rc2ywvfyx8venjngsr2v837nf63db9cna616knq5ehq5cax2bmqz79h0g6hv2kryr4fk5d4bgcff9m98nxkx0rdd3paxgys52dwbmbcejaagne0sfwsyh07x4ppajznnvkd6dtaf949dwmcmg8k2ka72a1qxdzqe8zgxz0mhg8x8a3etnhgkgnzd99fgbemg074v0c0s9hp3j6vgby6knwbq4r2wjysakem6076btzdc3236n7ftp8ewp2sfetkshs&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg8JiFrXIY8rqLeH33wPLj6a4BJDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTY5MTE5NjQ0NDE3MTIyMDjIAQmpAj5PGK7wGrI-qAMBqgS_AU_QzudXc0vLPRUwAz-rEVp3YbQ5oCzw8Bz5AubV5kUihvLiot1HxkVXOoi9gGq5lExA1dR4srMepDMPDnM_OSyKfNGBXS6CM4ucGeSvV9Qf8uZ09V0-Qs08XzmMwpfl8rIQdFOfI_FDzlp23sjhGyNfrw6FJH1_bnufjgabpXftT067HXWZHkb5Q7YmoB1Hi-2vGfLe9sD6VicmO5oIR9ioJQ8MSGWRxpgjprnzHUBGPfrFAiAdqXp5aeHYAICrgAbAi8bAzNaNur0BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2_iDVHIIlmg2OnQd3yRnf1YALGwQ%26client%3Dca-pub-6911964441712208%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674054542
age: 43096
cf-polished: origSize=92334
x-guploader-uploadid: ADPycduOIlCudx-XVm5qLJi8OhY2jaf2lPA8q3ch1u6Nvu_xQSn08NrWkH7ortp-rZRuBMU9kt_cX7NUmpL0qskSxV4pk8f0m1q2
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 18 Jan 2023 15:09:31 GMT
server: cloudflare
etag: W/"c37ad1fc922bacd7adf1cb37da63f83c"
vary: Accept-Encoding
x-goog-generation: 1674054571046429
content-type: text/css
x-goog-hash: crc32c=4A2ZRg==, md5=w3rR/JIrrNet8cs32mP4PA==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AsYg9o14i8c1lGfDkgS3UHx3ztU70F%2B0Va3gAmFTZ0Vr8anAs6e5qtw6OXLvDUkvWyor3Mg07%2FUzQf5MfaaFVKmnlC2VonbvCAGwtzFSog6kowrHq%2F%2FIZl%2FByZkcVxMqXkucL6IIdHI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 92334
cf-ray: 78bc63707970927d-FRA
expires: Thu, 19 Jan 2023 04:12:23 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 4627 35 KB
12 KB 61ms
46ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hntzbw84z0q3mjszdxz2307k4f5bz4v9t5f6622k0wz2vycm99v0n6xjy63dhhq090rrb1jz2n3canyxj8tqjm0k65x1zt6d3e1khtaqwsa2hzv2y2da3cj1cszwkmakex51y9ghf0sc4md9qwn5g3a6dsf7a1v72a6s6cfj483a2rc2ywvfyx8venjngsr2v837nf63db9cna616knq5ehq5cax2bmqz79h0g6hv2kryr4fk5d4bgcff9m98nxkx0rdd3paxgys52dwbmbcejaagne0sfwsyh07x4ppajznnvkd6dtaf949dwmcmg8k2ka72a1qxdzqe8zgxz0mhg8x8a3etnhgkgnzd99fgbemg074v0c0s9hp3j6vgby6knwbq4r2wjysakem6076btzdc3236n7ftp8ewp2sfetkshs&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg8JiFrXIY8rqLeH33wPLj6a4BJDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTY5MTE5NjQ0NDE3MTIyMDjIAQmpAj5PGK7wGrI-qAMBqgS_AU_QzudXc0vLPRUwAz-rEVp3YbQ5oCzw8Bz5AubV5kUihvLiot1HxkVXOoi9gGq5lExA1dR4srMepDMPDnM_OSyKfNGBXS6CM4ucGeSvV9Qf8uZ09V0-Qs08XzmMwpfl8rIQdFOfI_FDzlp23sjhGyNfrw6FJH1_bnufjgabpXftT067HXWZHkb5Q7YmoB1Hi-2vGfLe9sD6VicmO5oIR9ioJQ8MSGWRxpgjprnzHUBGPfrFAiAdqXp5aeHYAICrgAbAi8bAzNaNur0BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2_iDVHIIlmg2OnQd3yRnf1YALGwQ%26client%3Dca-pub-6911964441712208%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 15:04:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 130083
etag: W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PelluPDzZBwGT4kuIyFckitLP8AVupYIvzTsekyNkDOCkdFDOEnoB2UaGTA7KaoVBsLiNYesTiccJfGlLq0Hv75BLsXaYn6T5VdR8jkl19qjXrE66Z1e6Uo0MuDi%2BydlLCAuOc4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 78bc63709986927d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 17 Jan 2023 15:04:20 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.28/one-ad/ Frame EC10 90 KB
11 KB 46ms
45ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h9phnrg76vh3n5cm10jkv8tmfqmgr8g1jpv9pcbp9vggttp8q72pz87djrj806v12p1p3c074mcen3hetx9mw2qbe0f2w4enjz572hpe0k5v8ek4tmx03abpmvhq78hqjn0zy0s3624sk7z13xwqgvx0yvyrpscas70nebkv41yefhcd4s0ca7jv2bwy7sq8nq1nbrynzg7tjjw683qz4h22wfxffeq8ys6bmfj2ctfzq9pw0tfrzmbsaf3cq20byewetzsnerhvn42ppjan9njbsr50mb0bxca4v9cyda44j03hhd5ke0dh24qtsmvsh35bhrnq9ms310q9n9q226qd8eza9xpnn9gm8zbtd0nt7rjw2ksbt9y79nhms0j4pwkkt1akrqsajyjebkn2ra1pqqq27tg2w353vkshj25yfj0yb7ag&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3mTlFrXIY5HnLdPt3wOWw6ywBpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTY5MTE5NjQ0NDE3MTIyMDjIAQmpAj5PGK7wGrI-qAMBqgTAAU_QbJoKzDFXt77WXxDfewcfdG2yNAJTyDs1IfwptfOokSwA925yo6j-A2YdcDjzN-IS6OOdYBKU6m6iTEWrbIkg1km5lwTnmzD3ZmNMi1oFZaSF0OHLv0hx2tZyoh2jNGNEWZnkF4aomAt--qZX4iV85EmiJ8OlXZFWeR2oxrm_MqkgMr--5mYt0TRL47LNXx6k4KOwK9VhqyoNLmgUSS4zAwHOqGC1KNXr0AX0181R6zbmhlSLlxwZO4IYKGlUJoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1tfEVPS0bCVQhHfqpdQMWpZNHTRw%26client%3Dca-pub-6911964441712208%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc78d0ae04e90f166274e27a8af76d6a676cbf360f682f3993ef4b453ee5d598

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1h9phnrg76vh3n5cm10jkv8tmfqmgr8g1jpv9pcbp9vggttp8q72pz87djrj806v12p1p3c074mcen3hetx9mw2qbe0f2w4enjz572hpe0k5v8ek4tmx03abpmvhq78hqjn0zy0s3624sk7z13xwqgvx0yvyrpscas70nebkv41yefhcd4s0ca7jv2bwy7sq8nq1nbrynzg7tjjw683qz4h22wfxffeq8ys6bmfj2ctfzq9pw0tfrzmbsaf3cq20byewetzsnerhvn42ppjan9njbsr50mb0bxca4v9cyda44j03hhd5ke0dh24qtsmvsh35bhrnq9ms310q9n9q226qd8eza9xpnn9gm8zbtd0nt7rjw2ksbt9y79nhms0j4pwkkt1akrqsajyjebkn2ra1pqqq27tg2w353vkshj25yfj0yb7ag&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3mTlFrXIY5HnLdPt3wOWw6ywBpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTY5MTE5NjQ0NDE3MTIyMDjIAQmpAj5PGK7wGrI-qAMBqgTAAU_QbJoKzDFXt77WXxDfewcfdG2yNAJTyDs1IfwptfOokSwA925yo6j-A2YdcDjzN-IS6OOdYBKU6m6iTEWrbIkg1km5lwTnmzD3ZmNMi1oFZaSF0OHLv0hx2tZyoh2jNGNEWZnkF4aomAt--qZX4iV85EmiJ8OlXZFWeR2oxrm_MqkgMr--5mYt0TRL47LNXx6k4KOwK9VhqyoNLmgUSS4zAwHOqGC1KNXr0AX0181R6zbmhlSLlxwZO4IYKGlUJoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1tfEVPS0bCVQhHfqpdQMWpZNHTRw%26client%3Dca-pub-6911964441712208%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674054542
age: 43096
cf-polished: origSize=92334
x-guploader-uploadid: ADPycduOIlCudx-XVm5qLJi8OhY2jaf2lPA8q3ch1u6Nvu_xQSn08NrWkH7ortp-rZRuBMU9kt_cX7NUmpL0qskSxV4pk8f0m1q2
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 18 Jan 2023 15:09:31 GMT
server: cloudflare
etag: W/"c37ad1fc922bacd7adf1cb37da63f83c"
vary: Accept-Encoding
x-goog-generation: 1674054571046429
content-type: text/css
x-goog-hash: crc32c=4A2ZRg==, md5=w3rR/JIrrNet8cs32mP4PA==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QgwTW14JdKytbOBSmFSawGyrLEQFbFIF0nssm%2FEaltPZvlk4LFZwxjIk1mv1PEuul2DY5B7J1km9lxuu5CnDgE5XYnZrSL8Ix47VGwg9OUmwLg%2FOhy3bSgTIrBAF4SpAAsYVdEszcio%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 92334
cf-ray: 78bc6370a996927d-FRA
expires: Thu, 19 Jan 2023 04:12:23 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame EC10 35 KB
12 KB 50ms
48ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h9phnrg76vh3n5cm10jkv8tmfqmgr8g1jpv9pcbp9vggttp8q72pz87djrj806v12p1p3c074mcen3hetx9mw2qbe0f2w4enjz572hpe0k5v8ek4tmx03abpmvhq78hqjn0zy0s3624sk7z13xwqgvx0yvyrpscas70nebkv41yefhcd4s0ca7jv2bwy7sq8nq1nbrynzg7tjjw683qz4h22wfxffeq8ys6bmfj2ctfzq9pw0tfrzmbsaf3cq20byewetzsnerhvn42ppjan9njbsr50mb0bxca4v9cyda44j03hhd5ke0dh24qtsmvsh35bhrnq9ms310q9n9q226qd8eza9xpnn9gm8zbtd0nt7rjw2ksbt9y79nhms0j4pwkkt1akrqsajyjebkn2ra1pqqq27tg2w353vkshj25yfj0yb7ag&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3mTlFrXIY5HnLdPt3wOWw6ywBpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTY5MTE5NjQ0NDE3MTIyMDjIAQmpAj5PGK7wGrI-qAMBqgTAAU_QbJoKzDFXt77WXxDfewcfdG2yNAJTyDs1IfwptfOokSwA925yo6j-A2YdcDjzN-IS6OOdYBKU6m6iTEWrbIkg1km5lwTnmzD3ZmNMi1oFZaSF0OHLv0hx2tZyoh2jNGNEWZnkF4aomAt--qZX4iV85EmiJ8OlXZFWeR2oxrm_MqkgMr--5mYt0TRL47LNXx6k4KOwK9VhqyoNLmgUSS4zAwHOqGC1KNXr0AX0181R6zbmhlSLlxwZO4IYKGlUJoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1tfEVPS0bCVQhHfqpdQMWpZNHTRw%26client%3Dca-pub-6911964441712208%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 15:04:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 130083
etag: W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MESERqHPPxu6HqLIs3MU%2FFxiF57hGoSc0XcZq4OJu%2FD2aX0UK5RUeWjbdgioC9yvSeEFIwh%2FqmDx0lxf85weKpy1C4DfdzFU4yvL8qvTB%2B340spU1pKWRYH%2Fqfag4J0JmvsuLf8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 78bc6370a997927d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 17 Jan 2023 15:04:20 GMT

GET
DATA 200
OK truncated
/ Frame DD56 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2828041d96dad7b3df90638e5eae34bd0ba677140015751a7c5c76d49f6204c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 5A4E
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEF4EsD8Y74CQk0P6MfQlgAI&google_cver=1&google_push=AavPq0O2yU3PYoqSJ7lF2yK809cOGZ0rQcyedMPdRAmtzCSmNv6d2bJ7waV0bdDOh8MFxI1b47T-3cjgUtXxlThVMcgzypVrqmzfO...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF4EsD8Y74CQk0P6MfQlgAI&google_cver=1&google_push=AavPq0O2yU3PYoqSJ7lF2yK809cOGZ0rQcyedMPdRAmtzCSmNv6d2bJ7waV0bdDOh8MFxI1b47T-3cjgUtXxlThVMcgzypVrqmz...

43 B
414 B

220ms
193ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF4EsD8Y74CQk0P6MfQlgAI&google_cver=1&google_push=AavPq0O2yU3PYoqSJ7lF2yK809cOGZ0rQcyedMPdRAmtzCSmNv6d2bJ7waV0bdDOh8MFxI1b47T-3cjgUtXxlThVMcgzypVrqmzfOhHH&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0O2yU3PYoqSJ7lF2yK809cOGZ0rQcyedMPdRAmtzCSmNv6d2bJ7waV0bdDOh8MFxI1b47T-3cjgUtXxlThVMcgzypVrqmzfOhHH%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=250&adk=3506465449&adf=4255998660&pi=t.aa~a.3304678886~rp.4&w=326&fwrn=4&fwrnh=100&lmt=1674097942&rafmt=1&to=qs&pwprc=6498234271&format=326x250&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097942687&bpp=1&bdt=1693&idt=-M&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f243659c01639e1-22f1c6dc54db002f%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA&gpic=UID%3D00000ba4d626f08e%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg&prev_fmts=0x0%2C1080x200%2C326x408%2C326x408%2C326x250&nras=3&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=2752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=skATprfpxI&p=https%3A//www.hitdu.com&dtd=14
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 03:12:23 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 78bc6372ad732d04-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Jan 2023 03:12:23 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 223
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF4EsD8Y74CQk0P6MfQlgAI&google_cver=1&google_push=AavPq0O2yU3PYoqSJ7lF2yK809cOGZ0rQcyedMPdRAmtzCSmNv6d2bJ7waV0bdDOh8MFxI1b47T-3cjgUtXxlThVMcgzypVrqmzfOhHH&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0O2yU3PYoqSJ7lF2yK809cOGZ0rQcyedMPdRAmtzCSmNv6d2bJ7waV0bdDOh8MFxI1b47T-3cjgUtXxlThVMcgzypVrqmzfOhHH%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 78bc63713c772d04-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5A4E
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEA6oN82fJQFL6-gq6HnBQjo&google_cver=1&google_push=AavPq0M5rHdjz7M5-WVjNvfdiB5yWZ8_1C3jWIAhyjINQt2bNnpi4LtnNOlb-cL_mcFOo6Qtf8ya2T-FIbI...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0M5rHdjz7M5-WVjNvfdiB5yWZ8_1C3jWIAhyjINQt2bNnpi4LtnNOlb-cL_mcFOo6Qtf8ya2T-FIbINONnkme3oqMQiSMbDfH07&google_hm=WtTVjg5IThul3k-P...

170 B
232 B

46ms
46ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0M5rHdjz7M5-WVjNvfdiB5yWZ8_1C3jWIAhyjINQt2bNnpi4LtnNOlb-cL_mcFOo6Qtf8ya2T-FIbINONnkme3oqMQiSMbDfH07&google_hm=WtTVjg5IThul3k-PDy_REW0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=250&adk=3506465449&adf=4255998660&pi=t.aa~a.3304678886~rp.4&w=326&fwrn=4&fwrnh=100&lmt=1674097942&rafmt=1&to=qs&pwprc=6498234271&format=326x250&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097942687&bpp=1&bdt=1693&idt=-M&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f243659c01639e1-22f1c6dc54db002f%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA&gpic=UID%3D00000ba4d626f08e%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg&prev_fmts=0x0%2C1080x200%2C326x408%2C326x408%2C326x250&nras=3&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=2752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=skATprfpxI&p=https%3A//www.hitdu.com&dtd=14

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 03:12:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Jan 2023 03:12:23 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0M5rHdjz7M5-WVjNvfdiB5yWZ8_1C3jWIAhyjINQt2bNnpi4LtnNOlb-cL_mcFOo6Qtf8ya2T-FIbINONnkme3oqMQiSMbDfH07&google_hm=WtTVjg5IThul3k-PDy_REW0
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5A4E
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOZmN7RZg6aC3hkqQp0LK3c&google_cver=1&google_push=AavPq0Nl3TZ9SMiUFrfpsWA0_9Lph6jVn-Y2M0f1bUQGDUg63KaW5xm4tm9zAyDxQ1qBd0cP1gQfeCCqHTtkJ3_2RwM-...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOZmN7RZg6aC3hkqQp0LK3c&google_cver=1&google_push=AavPq0Nl3TZ9SMiUFrfpsWA0_9Lph6jVn-Y2M0f1bUQGDUg63KaW5xm4tm9zAyDxQ1qBd0cP1gQfeCCqHTtkJ3...
https://p.rfihub.com/cm?in=1&pub=20513&ssp=google
https://x.bidswitch.net/sync?dsp_id=119&user_id=5109685625812747075&expires=30&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0Nl3TZ9SMiUFrfpsWA0_9Lph6jVn-Y2M0f1bUQGDUg63KaW5xm4tm9zAyDxQ1qBd0cP1gQfeCCqHTtkJ3_2RwM-JS2sx-NG4Lg&google_hm=JY-hIQW6TdeYBivaxAb9...

170 B
188 B

47ms
47ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0Nl3TZ9SMiUFrfpsWA0_9Lph6jVn-Y2M0f1bUQGDUg63KaW5xm4tm9zAyDxQ1qBd0cP1gQfeCCqHTtkJ3_2RwM-JS2sx-NG4Lg&google_hm=JY-hIQW6TdeYBivaxAb9bQ==

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 03:12:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0Nl3TZ9SMiUFrfpsWA0_9Lph6jVn-Y2M0f1bUQGDUg63KaW5xm4tm9zAyDxQ1qBd0cP1gQfeCCqHTtkJ3_2RwM-JS2sx-NG4Lg&google_hm=JY-hIQW6TdeYBivaxAb9bQ==
date: Thu, 19 Jan 2023 03:12:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5A4E
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEC...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0MnbNHH6KYK0VrsGzzupSZqnMr1j1-9pg-wMdgW1iK3X5Bd1R_3f8VgYg9yEBrpqqeIfUx6kup1WKBvIGVi9bHtYoLRnW1-KEPc&redir=https%3A%2F%2Fcm.g.d...
https://sync.targeting.unrulymedia.com/csync/RX-34d8ce2f-b216-498e-a3a7-7a7b784cfd6c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0MnbNHH6KYK0VrsGzzup...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0MnbNHH6KYK0VrsGzzupSZqnMr1j1-9pg-wMdgW1iK3X5Bd1R_3f8VgYg9yEBrpqqeIfUx6kup1WKBvIGVi9bHtYoLRnW1-KEPc&google_hm=AzTYzi-yFkmOo6d6e3hM_Ww

170 B
188 B

48ms
48ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0MnbNHH6KYK0VrsGzzupSZqnMr1j1-9pg-wMdgW1iK3X5Bd1R_3f8VgYg9yEBrpqqeIfUx6kup1WKBvIGVi9bHtYoLRnW1-KEPc&google_hm=AzTYzi-yFkmOo6d6e3hM_Ww

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 03:12:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0MnbNHH6KYK0VrsGzzupSZqnMr1j1-9pg-wMdgW1iK3X5Bd1R_3f8VgYg9yEBrpqqeIfUx6kup1WKBvIGVi9bHtYoLRnW1-KEPc&google_hm=AzTYzi-yFkmOo6d6e3hM_Ww
date: Thu, 19 Jan 2023 03:12:23 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX34d8ce2fb216498ea3a77a7b784cfd6c003
content-type: text/html

GET
H2

200

/
onetag-sys.com/match/ Frame 5A4E
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESENeiujFtu_hHPVhnMPAPDHw&google_cver=1&google_push=AavPq0MKnMnCnjTYjfiv0_oDJ8SQoMDYehu454m-desfS0tEWHtlvveZrW-6lqf6IUYmS3x19uag7eskwVE...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0MKnMnCnjTYjfiv0_oDJ8SQoMDYehu454m-desfS0tEWHtlvveZrW-6lqf6IUYmS3x19uag7eskwVE9J9dVWtgfkTg3sGaDtcCFOA
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

38ms
37ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=250&adk=3506465449&adf=4255998660&pi=t.aa~a.3304678886~rp.4&w=326&fwrn=4&fwrnh=100&lmt=1674097942&rafmt=1&to=qs&pwprc=6498234271&format=326x250&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097942687&bpp=1&bdt=1693&idt=-M&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f243659c01639e1-22f1c6dc54db002f%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA&gpic=UID%3D00000ba4d626f08e%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg&prev_fmts=0x0%2C1080x200%2C326x408%2C326x408%2C326x250&nras=3&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=2752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=skATprfpxI&p=https%3A//www.hitdu.com&dtd=14

Protocol

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 19 Jan 2023 03:12:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 5A4E
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEDht0KWyUmoCIPG_Dmf122s&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AavPq0NgCu3GBU1kXMrBMoI7GiafE5wYsK8H0SFuAszz96yoCmBFq0i5fR9Yq26ZR4mU1mi9YC1wDcEhSPV_LnKc2n09HgaukTQvbNEVAQ
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

63ms
62ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=250&adk=3506465449&adf=4255998660&pi=t.aa~a.3304678886~rp.4&w=326&fwrn=4&fwrnh=100&lmt=1674097942&rafmt=1&to=qs&pwprc=6498234271&format=326x250&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097942687&bpp=1&bdt=1693&idt=-M&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f243659c01639e1-22f1c6dc54db002f%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA&gpic=UID%3D00000ba4d626f08e%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg&prev_fmts=0x0%2C1080x200%2C326x408%2C326x408%2C326x250&nras=3&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=2752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=skATprfpxI&p=https%3A//www.hitdu.com&dtd=14
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Thu, 19 Jan 2023 03:12:23 GMT
pragma: no-cache
date: Thu, 19 Jan 2023 03:12:23 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 19 Jan 2023 03:12:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5A4E
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEG950V_-w...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEG9...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=258fa121-05ba-4dd7-9806-2bdac406fd6d&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

47ms
47ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=258fa121-05ba-4dd7-9806-2bdac406fd6d&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=250&adk=3506465449&adf=4255998660&pi=t.aa~a.3304678886~rp.4&w=326&fwrn=4&fwrnh=100&lmt=1674097942&rafmt=1&to=qs&pwprc=6498234271&format=326x250&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097942687&bpp=1&bdt=1693&idt=-M&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f243659c01639e1-22f1c6dc54db002f%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA&gpic=UID%3D00000ba4d626f08e%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg&prev_fmts=0x0%2C1080x200%2C326x408%2C326x408%2C326x250&nras=3&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=2752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=skATprfpxI&p=https%3A//www.hitdu.com&dtd=14

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 03:12:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=258fa121-05ba-4dd7-9806-2bdac406fd6d&%%GOOGLE_PUSH_PAIR%%
date: Thu, 19 Jan 2023 03:12:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5A4E 0
223 B 47ms
45ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I-VAqb4xtFYuz9Gp7iCpTzdAptWAMdWc5snoqDzzRrbWqC-XlPYOV73gpGgDKcbDZVqq0vH8Rq

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=250&adk=3506465449&adf=4255998660&pi=t.aa~a.3304678886~rp.4&w=326&fwrn=4&fwrnh=100&lmt=1674097942&rafmt=1&to=qs&pwprc=6498234271&format=326x250&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097942687&bpp=1&bdt=1693&idt=-M&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f243659c01639e1-22f1c6dc54db002f%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA&gpic=UID%3D00000ba4d626f08e%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg&prev_fmts=0x0%2C1080x200%2C326x408%2C326x408%2C326x250&nras=3&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=2752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=skATprfpxI&p=https%3A//www.hitdu.com&dtd=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/ Frame 0318 7 KB
3 KB 54ms
54ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/error_handler.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=250&adk=3506465449&adf=2218735691&pi=t.aa~a.3293720632~rp.1&w=326&fwrn=4&fwrnh=100&lmt=1674097942&rafmt=1&to=qs&pwprc=6498234271&format=326x250&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097942687&bpp=1&bdt=1694&idt=-M&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f243659c01639e1-22f1c6dc54db002f%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA&gpic=UID%3D00000ba4d626f08e%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg&prev_fmts=0x0%2C1080x200%2C326x408%2C326x408&nras=2&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=1615&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=G9eutrFt9M&p=https%3A//www.hitdu.com&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f26ccd4e8b025d912f8fc717147c83f61888ade088fb1b2c62f67537e6e4cb46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 02:17:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3136
x-xss-protection: 0
server: cafe
etag: 5752131211420753933
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Feb 2023 02:17:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/ Frame 0318 3 KB
1 KB 56ms
55ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=250&adk=3506465449&adf=2218735691&pi=t.aa~a.3293720632~rp.1&w=326&fwrn=4&fwrnh=100&lmt=1674097942&rafmt=1&to=qs&pwprc=6498234271&format=326x250&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097942687&bpp=1&bdt=1694&idt=-M&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f243659c01639e1-22f1c6dc54db002f%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA&gpic=UID%3D00000ba4d626f08e%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg&prev_fmts=0x0%2C1080x200%2C326x408%2C326x408&nras=2&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=1615&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=G9eutrFt9M&p=https%3A//www.hitdu.com&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 18:18:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32058
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 18:18:05 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/ Frame 0318 18 KB
7 KB 57ms
56ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=250&adk=3506465449&adf=2218735691&pi=t.aa~a.3293720632~rp.1&w=326&fwrn=4&fwrnh=100&lmt=1674097942&rafmt=1&to=qs&pwprc=6498234271&format=326x250&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097942687&bpp=1&bdt=1694&idt=-M&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f243659c01639e1-22f1c6dc54db002f%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA&gpic=UID%3D00000ba4d626f08e%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg&prev_fmts=0x0%2C1080x200%2C326x408%2C326x408&nras=2&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=1615&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=G9eutrFt9M&p=https%3A//www.hitdu.com&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 18:18:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32058
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7515
x-xss-protection: 0
server: cafe
etag: 5914713042212191929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 18:18:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0318 157 KB
48 KB 48ms
46ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=250&adk=3506465449&adf=2218735691&pi=t.aa~a.3293720632~rp.1&w=326&fwrn=4&fwrnh=100&lmt=1674097942&rafmt=1&to=qs&pwprc=6498234271&format=326x250&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097942687&bpp=1&bdt=1694&idt=-M&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f243659c01639e1-22f1c6dc54db002f%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA&gpic=UID%3D00000ba4d626f08e%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg&prev_fmts=0x0%2C1080x200%2C326x408%2C326x408&nras=2&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=1615&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=G9eutrFt9M&p=https%3A//www.hitdu.com&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 Jan 2023 03:12:23 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 010C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

90ms
88ms

Document
text/html

2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230117/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 03:12:23 GMT
expires: Thu, 19 Jan 2023 03:12:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 03:12:23 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2948 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe1d5c775724cb772b3dce8e8e92334f884cf5d0a5a3d3266b39fe4cc0a2fa0c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0318 0
0 94ms
94ms Fetch
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cgg1TFrXIY6aeLaWUjuwPrKyFuAeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi02OTExOTY0NDQxNzEyMjA4yAEJqQI-Txiu8BqyPqgDAaoEvQFP0GJfRDEikY2CJpACA5fr6lpPEum1qL8U9L5nkbsytCykVz6ws9G4h35bnV_Ei4MgH7iqkceVlc3lycjiTQWirlkBJT1ttM9HuLRbbsm8IDMXFpyQLAPAATVBq_SDVHM6408RjTu4p0ZVqOyUCkOjNQwgP53IEgUCcFw4AFt4e6YHetXzmvhgWcPzBratRTlK_0G0KaU-nbjnn_ANNx__7hXYY51V9OilT-D6HjEdCoSL1m3myVbiR12pJoCABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjkxMTk2NDQ0MTcxMjIwOBgA&sigh=IAH1FNHtlEo&uach_m=[UACH]&cid=CAQSOwDq26N9eD_5-Oz0Cni43vNQfz18H0xFHv9rCNlzQdEoajWpYBX4II8luxfm0MDwYGU9--T8BRfOaQoFGAEgEw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=250&adk=3506465449&adf=2218735691&pi=t.aa~a.3293720632~rp.1&w=326&fwrn=4&fwrnh=100&lmt=1674097942&rafmt=1&to=qs&pwprc=6498234271&format=326x250&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097942687&bpp=1&bdt=1694&idt=-M&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f243659c01639e1-22f1c6dc54db002f%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA&gpic=UID%3D00000ba4d626f08e%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg&prev_fmts=0x0%2C1080x200%2C326x408%2C326x408&nras=2&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=1615&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=G9eutrFt9M&p=https%3A//www.hitdu.com&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=250&adk=3506465449&adf=2218735691&pi=t.aa~a.3293720632~rp.1&w=326&fwrn=4&fwrnh=100&lmt=1674097942&rafmt=1&to=qs&pwprc=6498234271&format=326x250&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097942687&bpp=1&bdt=1694&idt=-M&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f243659c01639e1-22f1c6dc54db002f%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA&gpic=UID%3D00000ba4d626f08e%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg&prev_fmts=0x0%2C1080x200%2C326x408%2C326x408&nras=2&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=1615&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=G9eutrFt9M&p=https%3A//www.hitdu.com&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 19 Jan 2023 03:12:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 0318 0
0 48ms
47ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1g8y83w7cpzzmzcf7y751xghdyqh48xjc8yywn29jdcqvzvnbm08pr18mj3k3q7yw7bjcqnenqfpz570bek8ye7mc171cgn9pgn1fw4j4br9qnw6se8sd458hmeyn627tm07xg99vny8x25cqtjqeyzy5kw9tsxhmjavy7vjcdfagagehqxcgdfb05c9skyb3zd9332hw6ps74c3p6ma5wxy2b4c9kqt3q2m701gef0m6z2ejr28ahebwmee4y7r2netbh1eymjeqy36krnhp93n36g3mks93kke5qgqma5vk0trajec1w4x4p1dzmbqte6pdz70v3nxd0r9erjwqb4d5d93ew9x50esmaf9y095rqvb8vb47qkrmbtzkw526v196g2pj4&b=Y8i1FgALTyYHg4olAAFWLN_gWNE9oj6rdPGqzw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=250&adk=3506465449&adf=2218735691&pi=t.aa~a.3293720632~rp.1&w=326&fwrn=4&fwrnh=100&lmt=1674097942&rafmt=1&to=qs&pwprc=6498234271&format=326x250&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097942687&bpp=1&bdt=1694&idt=-M&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f243659c01639e1-22f1c6dc54db002f%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA&gpic=UID%3D00000ba4d626f08e%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg&prev_fmts=0x0%2C1080x200%2C326x408%2C326x408&nras=2&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=1615&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=G9eutrFt9M&p=https%3A//www.hitdu.com&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 19 Jan 2023 03:12:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 1FBB 2 KB
2 KB 57ms
57ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hh246b6066mxpxcqmyee7h77tdd7wdbrds6kjwb579dychndw3jh1se5w0y76h080z12d6p45exfty4h0gbds68thz5meawxd8dfqrzhk6qvtscqck22g5dwgvaedxb9pgh45xqy48z2xtevfp7v6cs64pjrgp4ev0yxf1xw2qv0f03zsgrhf9b63grt6yv5ee0ktan5esb13hfbxbbhmzrr5b8sjj01fafp6w216kg0bzjw8dkkrtjh3nykas72vy1h0tpkjjvn9xkq8ztxt658qabk7162bb82sdxatwheze9q2t5wnezdt28v0g9047ycdkg0tgk9qr276h1zegggcm317vh2b653pbcgmtrb12zfcd89q6b7d1yxfvkezvvq764gyg79cwr8m5jrf4ged0mjzj3qjchg7phwxc52nhkhgkm0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6y7gFrXIY6aeLaWUjuwPrKyFuAeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi02OTExOTY0NDQxNzEyMjA4yAEJqQI-Txiu8BqyPqgDAaoEwAFP0GJfRDEikY2CJpACA5fr6lpPEum1qL8U9L5nkbsytCykVz6ws9G4h35bnV_Ei4MgH7iqkceVlc3lycjiTQWirlkBJT1ttM9HuLRbbsm8IDMXFpyQLAPAATVBq_SDVHM6408RjTu4p0ZVqOyUCkOjNQwgP53IEgUCcFw4AFt4e6YHetXzmvhgWcPzBratRTlK_0G0KaU-37rGDSf0sF83aV1OudTHBtGxRU3wMCnAikbCRJVy13r6koE2ZkisgemABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3abApGa6iIOA6yrGBrNVSkuZt2LA%26client%3Dca-pub-6911964441712208%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=250&adk=3506465449&adf=2218735691&pi=t.aa~a.3293720632~rp.1&w=326&fwrn=4&fwrnh=100&lmt=1674097942&rafmt=1&to=qs&pwprc=6498234271&format=326x250&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097942687&bpp=1&bdt=1694&idt=-M&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f243659c01639e1-22f1c6dc54db002f%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA&gpic=UID%3D00000ba4d626f08e%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg&prev_fmts=0x0%2C1080x200%2C326x408%2C326x408&nras=2&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=1615&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=G9eutrFt9M&p=https%3A//www.hitdu.com&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09a651aa448b478d93c9c490b1a3ce89ff65f39af76e9c65ab509f82e7120f42

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 78bc63719a3930f9-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 03:12:23 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1C2E 1 KB
643 B 55ms
55ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=250&adk=3506465449&adf=2218735691&pi=t.aa~a.3293720632~rp.1&w=326&fwrn=4&fwrnh=100&lmt=1674097942&rafmt=1&to=qs&pwprc=6498234271&format=326x250&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097942687&bpp=1&bdt=1694&idt=-M&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f243659c01639e1-22f1c6dc54db002f%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA&gpic=UID%3D00000ba4d626f08e%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg&prev_fmts=0x0%2C1080x200%2C326x408%2C326x408&nras=2&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=1615&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=G9eutrFt9M&p=https%3A//www.hitdu.com&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74443
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 06:31:40 GMT
etag: 48472445140208031
expires: Thu, 19 Jan 2023 06:31:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0318 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0cc90ed5387678d00bc99ec760181eb80f30bb0597c65aa0a1f0289ae6a8d34e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 4627 3 KB
3 KB 141ms
47ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2037
x-guploader-uploadid: ADPycds7EKu0NI3MuscqR8rZ2vY0PnCtsfL-3lqwII-Ri9432rCZudUL0kc5awqADiVMDU6czThCfdleKgnnYFYcsAwsMg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=METzhAiexKGjUUcoevGwuAZnSZwkAmt90V6vJNtrMTCfMUse66eDi0FOnVBtFykgLHVNAYjV%2FVjbovNnLcXDA1wE2z7N%2FMOTYZ5rRnrSa6a56XsqHj8ZZDUbJRft7c4HnrMulM2vQCf8eNKUeQNs1GoD"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 78bc63728c2e2bcd-FRA
expires: Thu, 19 Jan 2023 03:38:26 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame EC10 3 KB
4 KB 140ms
46ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2037
x-guploader-uploadid: ADPycds7EKu0NI3MuscqR8rZ2vY0PnCtsfL-3lqwII-Ri9432rCZudUL0kc5awqADiVMDU6czThCfdleKgnnYFYcsAwsMg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qjhjlC%2FmqsM%2FXrhkG5zPtL9J1Hsu6SUmcsOMtGjo%2FA2K9yuCVWP8JaLzPF3wE7GoaXRTp2kGNdNNLm7LX6ZJHyWwQzK0iQ%2BTHNOXK9tP4Wz5VxmJYaDUvwGeoaKApPzSkpMyI4YY2vYqOkLDC69%2FwMvs"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 78bc63728c2f2bcd-FRA
expires: Thu, 19 Jan 2023 03:38:26 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 4DD6 2 KB
1 KB 49ms
49ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 203598
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 78bc63720a8430f9-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Thu, 19 Jan 2023 03:12:23 GMT
expires: Thu, 12 Jan 2023 18:57:16 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lad4GWsRQTDWcU0RAmTgXh%2BrGtnGkgW3WOcoM%2Ba1bh2%2BrT9jzQelx3F3ITuBZCaUKIDGNZNaR136iwYNj5Nh8FFsE%2BXr5TzdDn3dyW7YlPk%2Bk57L8KgTfYeFMiKLMgygGtf6r5M%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 frame.html Show response
ad4m.at/ Frame EF60 2 KB
1 KB 46ms
46ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 203598
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 78bc63720a8630f9-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Thu, 19 Jan 2023 03:12:23 GMT
expires: Thu, 12 Jan 2023 18:57:16 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=32RGUB5msU9JxMFRg2fV90MC1kXVh6VmnmN%2B2H8Ox8UrmJbf75ElGkb%2FIJWPMUdzX3traKU1mf2dGbAvr1dnbVfULFbYKL1vdRo%2FyI0PrWhRWCQ7THanO6UEuZvKJgO6GBfhg38%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.28/one-ad/ Frame 1FBB 90 KB
12 KB 74ms
74ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hh246b6066mxpxcqmyee7h77tdd7wdbrds6kjwb579dychndw3jh1se5w0y76h080z12d6p45exfty4h0gbds68thz5meawxd8dfqrzhk6qvtscqck22g5dwgvaedxb9pgh45xqy48z2xtevfp7v6cs64pjrgp4ev0yxf1xw2qv0f03zsgrhf9b63grt6yv5ee0ktan5esb13hfbxbbhmzrr5b8sjj01fafp6w216kg0bzjw8dkkrtjh3nykas72vy1h0tpkjjvn9xkq8ztxt658qabk7162bb82sdxatwheze9q2t5wnezdt28v0g9047ycdkg0tgk9qr276h1zegggcm317vh2b653pbcgmtrb12zfcd89q6b7d1yxfvkezvvq764gyg79cwr8m5jrf4ged0mjzj3qjchg7phwxc52nhkhgkm0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6y7gFrXIY6aeLaWUjuwPrKyFuAeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi02OTExOTY0NDQxNzEyMjA4yAEJqQI-Txiu8BqyPqgDAaoEwAFP0GJfRDEikY2CJpACA5fr6lpPEum1qL8U9L5nkbsytCykVz6ws9G4h35bnV_Ei4MgH7iqkceVlc3lycjiTQWirlkBJT1ttM9HuLRbbsm8IDMXFpyQLAPAATVBq_SDVHM6408RjTu4p0ZVqOyUCkOjNQwgP53IEgUCcFw4AFt4e6YHetXzmvhgWcPzBratRTlK_0G0KaU-37rGDSf0sF83aV1OudTHBtGxRU3wMCnAikbCRJVy13r6koE2ZkisgemABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3abApGa6iIOA6yrGBrNVSkuZt2LA%26client%3Dca-pub-6911964441712208%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc78d0ae04e90f166274e27a8af76d6a676cbf360f682f3993ef4b453ee5d598

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hh246b6066mxpxcqmyee7h77tdd7wdbrds6kjwb579dychndw3jh1se5w0y76h080z12d6p45exfty4h0gbds68thz5meawxd8dfqrzhk6qvtscqck22g5dwgvaedxb9pgh45xqy48z2xtevfp7v6cs64pjrgp4ev0yxf1xw2qv0f03zsgrhf9b63grt6yv5ee0ktan5esb13hfbxbbhmzrr5b8sjj01fafp6w216kg0bzjw8dkkrtjh3nykas72vy1h0tpkjjvn9xkq8ztxt658qabk7162bb82sdxatwheze9q2t5wnezdt28v0g9047ycdkg0tgk9qr276h1zegggcm317vh2b653pbcgmtrb12zfcd89q6b7d1yxfvkezvvq764gyg79cwr8m5jrf4ged0mjzj3qjchg7phwxc52nhkhgkm0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6y7gFrXIY6aeLaWUjuwPrKyFuAeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi02OTExOTY0NDQxNzEyMjA4yAEJqQI-Txiu8BqyPqgDAaoEwAFP0GJfRDEikY2CJpACA5fr6lpPEum1qL8U9L5nkbsytCykVz6ws9G4h35bnV_Ei4MgH7iqkceVlc3lycjiTQWirlkBJT1ttM9HuLRbbsm8IDMXFpyQLAPAATVBq_SDVHM6408RjTu4p0ZVqOyUCkOjNQwgP53IEgUCcFw4AFt4e6YHetXzmvhgWcPzBratRTlK_0G0KaU-37rGDSf0sF83aV1OudTHBtGxRU3wMCnAikbCRJVy13r6koE2ZkisgemABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3abApGa6iIOA6yrGBrNVSkuZt2LA%26client%3Dca-pub-6911964441712208%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674054542
age: 43096
cf-polished: origSize=92334
x-guploader-uploadid: ADPycduOIlCudx-XVm5qLJi8OhY2jaf2lPA8q3ch1u6Nvu_xQSn08NrWkH7ortp-rZRuBMU9kt_cX7NUmpL0qskSxV4pk8f0m1q2
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 18 Jan 2023 15:09:31 GMT
server: cloudflare
etag: W/"c37ad1fc922bacd7adf1cb37da63f83c"
vary: Accept-Encoding
x-goog-generation: 1674054571046429
content-type: text/css
x-goog-hash: crc32c=4A2ZRg==, md5=w3rR/JIrrNet8cs32mP4PA==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p0djBdXs81c4dBae34UapgI5ONJ1Oqqgb37iz%2FOuHhyl8x7HFXDl1BKMNZgiKTDmuayhdJt8D0%2BMOH508aZo8RD5mP%2FqMjvLG8m2eryI7pDDqmI%2BJSgmWBGfzjdJPtSx8ubu3m%2FZ%2Bu4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 92334
cf-ray: 78bc63721a9430f9-FRA
expires: Thu, 19 Jan 2023 04:12:23 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 1FBB 35 KB
12 KB 46ms
46ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hh246b6066mxpxcqmyee7h77tdd7wdbrds6kjwb579dychndw3jh1se5w0y76h080z12d6p45exfty4h0gbds68thz5meawxd8dfqrzhk6qvtscqck22g5dwgvaedxb9pgh45xqy48z2xtevfp7v6cs64pjrgp4ev0yxf1xw2qv0f03zsgrhf9b63grt6yv5ee0ktan5esb13hfbxbbhmzrr5b8sjj01fafp6w216kg0bzjw8dkkrtjh3nykas72vy1h0tpkjjvn9xkq8ztxt658qabk7162bb82sdxatwheze9q2t5wnezdt28v0g9047ycdkg0tgk9qr276h1zegggcm317vh2b653pbcgmtrb12zfcd89q6b7d1yxfvkezvvq764gyg79cwr8m5jrf4ged0mjzj3qjchg7phwxc52nhkhgkm0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6y7gFrXIY6aeLaWUjuwPrKyFuAeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi02OTExOTY0NDQxNzEyMjA4yAEJqQI-Txiu8BqyPqgDAaoEwAFP0GJfRDEikY2CJpACA5fr6lpPEum1qL8U9L5nkbsytCykVz6ws9G4h35bnV_Ei4MgH7iqkceVlc3lycjiTQWirlkBJT1ttM9HuLRbbsm8IDMXFpyQLAPAATVBq_SDVHM6408RjTu4p0ZVqOyUCkOjNQwgP53IEgUCcFw4AFt4e6YHetXzmvhgWcPzBratRTlK_0G0KaU-37rGDSf0sF83aV1OudTHBtGxRU3wMCnAikbCRJVy13r6koE2ZkisgemABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3abApGa6iIOA6yrGBrNVSkuZt2LA%26client%3Dca-pub-6911964441712208%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 15:04:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 130083
etag: W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=71WQfxuoAYoZSYWE897lL%2B5I10alreqr9X9SG1Ju6Lt8qO0oOd8fTTyoiz7e9diQesk4NhRs3q2FfOxTmC0oaEWCq%2BqsCPCnnnwGbfH8gF3GYsTb5XpJujRaV9qoCy2K4oJQHQc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 78bc63721a9530f9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 17 Jan 2023 15:04:20 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 1C2E
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEC8h_rE9REOcv_9ky-WZi7o&google_cver=1&google_push=AavPq0OUhhrzWyrKILAkf8SRVKSKhJqWPzmknOJuv_XbQ-XiiQK_7Ct-bFHbswrb5yovnmyLl0yyQH5-IgesA_R7wnN83DIhVBXsZGM
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzUxNjIxMjU2NTI2MjQxODE5MQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAFS9wy-gMIrP71LMQtz89A&google_cver=1

43 B
398 B

123ms
48ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAFS9wy-gMIrP71LMQtz89A&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 19 Jan 2023 03:12:23 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 19 Jan 2023 03:12:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAFS9wy-gMIrP71LMQtz89A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1C2E
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEI1uZ3Sr_w_yWIGRZHfN4I4&google_cver=1&google_push=AavPq0MPAFUyDn1Ndi_bvV7QK_RW-wUSA470aQC8jKrWNLICo5L1llm5D04Cs0raUhtzo6w7Q0xnJC9ZMSLmOhMJl...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEI1uZ3Sr_w_yWIGRZHfN4I4&google_cver=1&google_push=AavPq0MPAFUyDn1Ndi_bvV7QK_RW-wUSA470aQC8jKrWNLICo5L1llm5D04Cs0raUhtzo6w7Q0xnJC9ZMSLmOhMJl...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0MPAFUyDn1Ndi_bvV7QK_RW-wUSA470aQC8jKrWNLICo5L1llm5D04Cs0raUhtzo6w7Q0xnJC9ZMSLmOhMJl92uyI9jfz-nQCY&google_hm=GAqAuGZHkkCLhfDlTDS...

170 B
188 B

48ms
47ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0MPAFUyDn1Ndi_bvV7QK_RW-wUSA470aQC8jKrWNLICo5L1llm5D04Cs0raUhtzo6w7Q0xnJC9ZMSLmOhMJl92uyI9jfz-nQCY&google_hm=GAqAuGZHkkCLhfDlTDSO5c3L

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 03:12:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 19 Jan 2023 03:12:23 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0MPAFUyDn1Ndi_bvV7QK_RW-wUSA470aQC8jKrWNLICo5L1llm5D04Cs0raUhtzo6w7Q0xnJC9ZMSLmOhMJl92uyI9jfz-nQCY&google_hm=GAqAuGZHkkCLhfDlTDSO5c3L
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1C2E
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKHKYdCpPgtNYrM9FOeH04c&google_cver=1&google_push=AavPq0PvnuUYHqZ3OxfBw74zg3iQYTrGemrRkeENlyAidN_quweaL2xLzMnPYe9JV1irq1cDpeGWuvTO5nsr5UyM...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0PvnuUYHqZ3OxfBw74zg3iQYTrGemrRkeENlyAidN_quweaL2xLzMnPYe9JV1irq1cDpeGWuvTO5nsr5UyMNll0ohAcs9QbPQ

170 B
188 B

47ms
47ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0PvnuUYHqZ3OxfBw74zg3iQYTrGemrRkeENlyAidN_quweaL2xLzMnPYe9JV1irq1cDpeGWuvTO5nsr5UyMNll0ohAcs9QbPQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=250&adk=3506465449&adf=2218735691&pi=t.aa~a.3293720632~rp.1&w=326&fwrn=4&fwrnh=100&lmt=1674097942&rafmt=1&to=qs&pwprc=6498234271&format=326x250&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097942687&bpp=1&bdt=1694&idt=-M&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f243659c01639e1-22f1c6dc54db002f%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA&gpic=UID%3D00000ba4d626f08e%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg&prev_fmts=0x0%2C1080x200%2C326x408%2C326x408&nras=2&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=1615&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=G9eutrFt9M&p=https%3A//www.hitdu.com&dtd=6

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 03:12:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 19 Jan 2023 03:12:23 GMT
via: 1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0PvnuUYHqZ3OxfBw74zg3iQYTrGemrRkeENlyAidN_quweaL2xLzMnPYe9JV1irq1cDpeGWuvTO5nsr5UyMNll0ohAcs9QbPQ
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: g-Q_gBUutQOyJqFZoQVd117tN6vWzGSfMZAAT4A80in4UTlUOBRUlg==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1C2E
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEF...
https://sync.targeting.unrulymedia.com/csync/RX-34d8ce2f-b216-498e-a3a7-7a7b784cfd6c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0NFEzutLeUcCPMUuwVMH...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0NFEzutLeUcCPMUuwVMH5l6x0OUC55JnpsjDX7H1CSgdfjCDNpPlUQdzs7SWcaLtHQRC3O8RFmuLJidNl8RHIZOp5xUn_-jLMQ&google_hm=AzTYzi-yFkmOo6d6e3hM_Ww

170 B
188 B

48ms
48ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0NFEzutLeUcCPMUuwVMH5l6x0OUC55JnpsjDX7H1CSgdfjCDNpPlUQdzs7SWcaLtHQRC3O8RFmuLJidNl8RHIZOp5xUn_-jLMQ&google_hm=AzTYzi-yFkmOo6d6e3hM_Ww

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 03:12:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0NFEzutLeUcCPMUuwVMH5l6x0OUC55JnpsjDX7H1CSgdfjCDNpPlUQdzs7SWcaLtHQRC3O8RFmuLJidNl8RHIZOp5xUn_-jLMQ&google_hm=AzTYzi-yFkmOo6d6e3hM_Ww
date: Thu, 19 Jan 2023 03:12:23 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX34d8ce2fb216498ea3a77a7b784cfd6c003
content-type: text/html

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 1C2E 0
45 B 317ms
48ms Image
text/plain 185.86.139.103
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPjvfl71ETmIRctJ24aeKEg&google_cver=1&google_push=AavPq0NPLKVwUiyVaUY33SHuuT0sOA9dvPQNcs-bc2Wtz8yWL4Kn8SHjMXSzWImbebNE7GVAp2U7LbSUofPp3DLpcWNc3dZWOD6hG9k
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=250&adk=3506465449&adf=2218735691&pi=t.aa~a.3293720632~rp.1&w=326&fwrn=4&fwrnh=100&lmt=1674097942&rafmt=1&to=qs&pwprc=6498234271&format=326x250&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097942687&bpp=1&bdt=1694&idt=-M&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f243659c01639e1-22f1c6dc54db002f%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA&gpic=UID%3D00000ba4d626f08e%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg&prev_fmts=0x0%2C1080x200%2C326x408%2C326x408&nras=2&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=1615&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=G9eutrFt9M&p=https%3A//www.hitdu.com&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:22 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1C2E
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEP7WKUHuVN1G1q5azM45vik&google_cver=1&google_push=AavPq0PJ8zcj5BUg4...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEP7WKUHuVN1G1q5azM45vik%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzY2NzM2MDE0NTY3ODc5OTgxNQ%3D%3D&google_gid=CAESEP7WKUHuVN1G1q5azM45vik&google_cver=1&google_push=AavPq0PJ8zcj5BUg4sKfsOSoRtvYEZ-3Cv...

170 B
188 B

48ms
48ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzY2NzM2MDE0NTY3ODc5OTgxNQ%3D%3D&google_gid=CAESEP7WKUHuVN1G1q5azM45vik&google_cver=1&google_push=AavPq0PJ8zcj5BUg4sKfsOSoRtvYEZ-3Cv5t0YtF9oykI9U16X4KdbYDSAKZbmUueq1a4oLuTRembucmhYeye0lWHhFvXs9v_xy57AJ8

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 03:12:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 19 Jan 2023 03:12:23 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.109; 80.255.7.109; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 274b7619-bb72-48f0-89f0-0e9945627b1a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzY2NzM2MDE0NTY3ODc5OTgxNQ%3D%3D&google_gid=CAESEP7WKUHuVN1G1q5azM45vik&google_cver=1&google_push=AavPq0PJ8zcj5BUg4sKfsOSoRtvYEZ-3Cv5t0YtF9oykI9U16X4KdbYDSAKZbmUueq1a4oLuTRembucmhYeye0lWHhFvXs9v_xy57AJ8
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1C2E
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEFxtMuBRF...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=258fa121-05ba-4dd7-9806-2bdac406fd6d&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

48ms
47ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=258fa121-05ba-4dd7-9806-2bdac406fd6d&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=250&adk=3506465449&adf=2218735691&pi=t.aa~a.3293720632~rp.1&w=326&fwrn=4&fwrnh=100&lmt=1674097942&rafmt=1&to=qs&pwprc=6498234271&format=326x250&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097942687&bpp=1&bdt=1694&idt=-M&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f243659c01639e1-22f1c6dc54db002f%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA&gpic=UID%3D00000ba4d626f08e%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg&prev_fmts=0x0%2C1080x200%2C326x408%2C326x408&nras=2&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=1615&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=G9eutrFt9M&p=https%3A//www.hitdu.com&dtd=6

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 03:12:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=258fa121-05ba-4dd7-9806-2bdac406fd6d&%%GOOGLE_PUSH_PAIR%%
date: Thu, 19 Jan 2023 03:12:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1C2E 0
12 B 51ms
50ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KcwSG_N87acm9exjOIkoCcV_vgvSxDv44f7obfd7a94gyIB9N7WN3KrfHxCbajWZuTgwqEidg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-6911964441712208&output=html&h=250&adk=3506465449&adf=2218735691&pi=t.aa~a.3293720632~rp.1&w=326&fwrn=4&fwrnh=100&lmt=1674097942&rafmt=1&to=qs&pwprc=6498234271&format=326x250&url=https%3A%2F%2Fwww.hitdu.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674097942687&bpp=1&bdt=1694&idt=-M&shv=r20230117&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f243659c01639e1-22f1c6dc54db002f%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA&gpic=UID%3D00000ba4d626f08e%3AT%3D1674097942%3ART%3D1674097942%3AS%3DALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg&prev_fmts=0x0%2C1080x200%2C326x408%2C326x408&nras=2&correlator=5218503794227&frm=20&pv=1&ga_vid=1413326883.1674097941&ga_sid=1674097942&ga_hid=40106581&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=1615&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071635%2C44779793&oid=2&pvsid=1185084203397526&tmod=305331353&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=G9eutrFt9M&p=https%3A//www.hitdu.com&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 200 rs Show response
ad4m.at/ Frame EC10 1 KB
2 KB 60ms
60ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 599f7884d948a4f89a14c99c86694037b9de229493c7189ec6a6979a6c4b9f9b

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3yi7i1YD9QcW09EI7Plwt7a%2Fi0NBJpvGEMDfytNN8jhv%2FWuSWwsiDCkhdxsxmoATisRbx2wrndLrM4OA0o3n3EH7HUUd%2BoMQgZfXMHjsgshXTnzMLcpzGpdOIosLK3w1tHv%2BNL0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 78bc63731c0330f0-FRA
x-backend-server: aa-reachservice-group-europe-west1-tv6f
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 rs Show response
ad4m.at/ Frame 4627 1 KB
1 KB 61ms
60ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81228f9d03e59ee64d416dc876d6914f351b31f64eca3d206a8772d4e556db0d

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8eTJFxe3E3ba%2Fc1Jw43zQz6X6%2FYst%2FaF8OyF5XrmKikAjZb%2B5bgerlIoTkJf8GSZ8KjybXphwFM%2BqIhIO8WpwZDO5Yr7uG0DvwxKV13nzYadUa7VU9XyoiYMSpkF2EXinTTGl4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 78bc63731bfe30f0-FRA
x-backend-server: aa-reachservice-group-europe-west1-gxt5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 101ms
59ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 78bc6372bbb530f0-FRA
content-length: 24
content-type: text/plain
date: Thu, 19 Jan 2023 03:12:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L9TJIULm0ybWgt48wtW7EERAmSNnftAQ3SfyzTbIiRSHcLJ6ve6wOF2vPJWkvwz7Tx2CDagi53h%2B17EkY%2FDr2hTWTxG%2FdUTCQRLuD74UJ6m8FDSLxPRGTgANRlhkaLKfIso1oh0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-gxt5

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 98ms
56ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 78bc6372bbb630f0-FRA
content-length: 24
content-type: text/plain
date: Thu, 19 Jan 2023 03:12:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2KU1NxeKSKkSJPqig4q5oAfAkAcs%2BKNGlJhsTC%2BTrTWylsnJdgDjwjCbxEoMs%2Bv8jE82R83klrU91uLyk3AUY7A8jrCPjN5kpd7Z6bdGDx0zHZrPMh93yBnTWc93UGZHwgfPTvE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-gxt5

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 1FBB 3 KB
3 KB 50ms
50ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2037
x-guploader-uploadid: ADPycds7EKu0NI3MuscqR8rZ2vY0PnCtsfL-3lqwII-Ri9432rCZudUL0kc5awqADiVMDU6czThCfdleKgnnYFYcsAwsMg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q0mN%2B0ps%2BfJB4NyE2hShoSPgR%2B0%2FR8oayZL5%2Bt4Xa%2FMXypDNqdD7HGxV6JJTOx%2BuSXpkrz9T8o5w%2BoCD7dlDwGY5PAzSyMakwMAT1%2BKkC2EBCEXvaCm%2BfoilaN9yaQ7iZdK3MP%2BTirhOeYc%2FPSIEhNmA"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 78bc6372ac582bcd-FRA
expires: Thu, 19 Jan 2023 03:38:26 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame D3B4 2 KB
1 KB 46ms
45ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 203598
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 78bc6372aaff30f9-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Thu, 19 Jan 2023 03:12:23 GMT
expires: Thu, 12 Jan 2023 18:57:16 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SwYqPTWZFDgbTAMTprc0INou2nnV3df5OGxorB7eMbt6sHtHl1pJatmUqhW4KjY1bYBzFVn%2FuWAAd1CQqzherPRgjF3A39xzcGoNCPYdwnUWCvp%2FRe8iMEowxdycp9Bo%2FvFW4bY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 87ms
86ms XHR
application/json 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230117&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6354ccc791b48c39bd9dbd0ce7e8e92f6959043962f4826d10207a69dcc99658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11109
x-xss-protection: 0

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 54ms
54ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 78bc63730bf930f0-FRA
content-length: 24
content-type: text/plain
date: Thu, 19 Jan 2023 03:12:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2S2BBZ9hVvz%2BvxaBI8zOj1WmI4L6VHULNKg38ZKRF41bfT5c0vZtIM3w3mPkIi4h5klCJ0oWSS0AKV7itsrB4udQcwKt%2Fm570ttOhCiYmF5nmja5eigQZv2VPD6armTvcBatkEY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-gxt5

POST
H3 200 rs Show response
ad4m.at/ Frame 1FBB 1 KB
2 KB 64ms
63ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0752956e808258ea2e83c25ea3a9a75e750da1aae9ee38b3977ffc3008d7361

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CDLTxQoTHHMmiPldq0g%2Fh7vhIGyf9RoCOT5fLBqk5GcdGSPo1sJn3j%2BQj1d2TE1a2z0AFQh4egjLus%2BQwrkd4xy%2BsAFqyhA4hTM8E2KdI4BJCwhZJMWeGGzUEu%2BJ2NAcL0xmT%2BY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 78bc63736c4830f0-FRA
x-backend-server: aa-reachservice-group-europe-west1-gxt5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 88ms
87ms Image
image/gif 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=9.058915200231635

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8uwZssVUYu0fnk1lHaX1ag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-8uwZssVUYu0fnk1lHaX1ag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 191ms
191ms Image
image/gif 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=9.63514384118762

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3WaZPh-_imMrYcobFgSzOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-3WaZPh-_imMrYcobFgSzOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 564F 3 KB
3 KB 58ms
57ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=22451&b=Bg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkG&f=jEYUEfGfQ3KhYHEH2tWCg7WhZSzTDekfbX&c=320&d=50&e=&g=5c12bc296ead293f27708cd6930bd6be%2F14264312211520795708&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1674097943551&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gnhvmfce26r9r0v3zafcapvap1mjhqd1wp9509yvvx59wc5h7epxn5ydfz7htt3vpx86krf3ar5f29t8wvyejhmk5ja6pr44epqmk50mds9b5q1qy3jmwjyh40xmxsja94r2r507yj7097330tmwy09z3pqdrpqwafha53ty3tsj693vq4wwk72bs2vha40s7yh6jkq750nraxnjr67parxetvtx38gyh9vdhdkh4gemwega220e9zbq2zkbaxyw5amed2vzrr7re4r3zz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCg8JiFrXIY8rqLeH33wPLj6a4BJDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTY5MTE5NjQ0NDE3MTIyMDjIAQmpAj5PGK7wGrI-qAMBqgS_AU_QzudXc0vLPRUwAz-rEVp3YbQ5oCzw8Bz5AubV5kUihvLiot1HxkVXOoi9gGq5lExA1dR4srMepDMPDnM_OSyKfNGBXS6CM4ucGeSvV9Qf8uZ09V0-Qs08XzmMwpfl8rIQdFOfI_FDzlp23sjhGyNfrw6FJH1_bnufjgabpXftT067HXWZHkb5Q7YmoB1Hi-2vGfLe9sD6VicmO5oIR9ioJQ8MSGWRxpgjprnzHUBGPfrFAiAdqXp5aeHYAICrgAbAi8bAzNaNur0BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2_iDVHIIlmg2OnQd3yRnf1YALGwQ%2526client%253Dca-pub-6911964441712208%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc213583456c1888933a2b8944e3437549f408d2f83d3678846be51227d67893

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hntzbw84z0q3mjszdxz2307k4f5bz4v9t5f6622k0wz2vycm99v0n6xjy63dhhq090rrb1jz2n3canyxj8tqjm0k65x1zt6d3e1khtaqwsa2hzv2y2da3cj1cszwkmakex51y9ghf0sc4md9qwn5g3a6dsf7a1v72a6s6cfj483a2rc2ywvfyx8venjngsr2v837nf63db9cna616knq5ehq5cax2bmqz79h0g6hv2kryr4fk5d4bgcff9m98nxkx0rdd3paxgys52dwbmbcejaagne0sfwsyh07x4ppajznnvkd6dtaf949dwmcmg8k2ka72a1qxdzqe8zgxz0mhg8x8a3etnhgkgnzd99fgbemg074v0c0s9hp3j6vgby6knwbq4r2wjysakem6076btzdc3236n7ftp8ewp2sfetkshs&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg8JiFrXIY8rqLeH33wPLj6a4BJDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTY5MTE5NjQ0NDE3MTIyMDjIAQmpAj5PGK7wGrI-qAMBqgS_AU_QzudXc0vLPRUwAz-rEVp3YbQ5oCzw8Bz5AubV5kUihvLiot1HxkVXOoi9gGq5lExA1dR4srMepDMPDnM_OSyKfNGBXS6CM4ucGeSvV9Qf8uZ09V0-Qs08XzmMwpfl8rIQdFOfI_FDzlp23sjhGyNfrw6FJH1_bnufjgabpXftT067HXWZHkb5Q7YmoB1Hi-2vGfLe9sD6VicmO5oIR9ioJQ8MSGWRxpgjprnzHUBGPfrFAiAdqXp5aeHYAICrgAbAi8bAzNaNur0BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2_iDVHIIlmg2OnQd3yRnf1YALGwQ%26client%3Dca-pub-6911964441712208%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 78bc63737bb130f9-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 03:12:23 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 9B73 9 KB
4 KB 61ms
61ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=23576%2C19491%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=701fcf1505dce5112a7d95dc4781a40e%2F3833383824800334967&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674097943552&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jb5aq3sghsj5hh4jb0x4whdqf1b1hem2bv7ha691sb6vprq38gqvz6s7979wk6yaq3et4xb6mjewbq9ec639jq0mabr95hd0bcz1wmrhxrhcm34pv2sxge8dpjxmh19677z4w6chgd1fm8mpx027n6rg77n5qyhp20yr8gr5afs0z9938rrzw8c54sqajj75wchzk0398z08m150r5fzyz7178xgve5m4w85jpngvenj65a5krkadjwe8hh9hzjsd6p7zmj9evjgtb2g6f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3mTlFrXIY5HnLdPt3wOWw6ywBpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTY5MTE5NjQ0NDE3MTIyMDjIAQmpAj5PGK7wGrI-qAMBqgTAAU_QbJoKzDFXt77WXxDfewcfdG2yNAJTyDs1IfwptfOokSwA925yo6j-A2YdcDjzN-IS6OOdYBKU6m6iTEWrbIkg1km5lwTnmzD3ZmNMi1oFZaSF0OHLv0hx2tZyoh2jNGNEWZnkF4aomAt--qZX4iV85EmiJ8OlXZFWeR2oxrm_MqkgMr--5mYt0TRL47LNXx6k4KOwK9VhqyoNLmgUSS4zAwHOqGC1KNXr0AX0181R6zbmhlSLlxwZO4IYKGlUJoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1tfEVPS0bCVQhHfqpdQMWpZNHTRw%2526client%253Dca-pub-6911964441712208%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1e3eab7d37819d5a9f704b96dfdaacafad95ca08eed7468e1d810a86ea602e5

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1h9phnrg76vh3n5cm10jkv8tmfqmgr8g1jpv9pcbp9vggttp8q72pz87djrj806v12p1p3c074mcen3hetx9mw2qbe0f2w4enjz572hpe0k5v8ek4tmx03abpmvhq78hqjn0zy0s3624sk7z13xwqgvx0yvyrpscas70nebkv41yefhcd4s0ca7jv2bwy7sq8nq1nbrynzg7tjjw683qz4h22wfxffeq8ys6bmfj2ctfzq9pw0tfrzmbsaf3cq20byewetzsnerhvn42ppjan9njbsr50mb0bxca4v9cyda44j03hhd5ke0dh24qtsmvsh35bhrnq9ms310q9n9q226qd8eza9xpnn9gm8zbtd0nt7rjw2ksbt9y79nhms0j4pwkkt1akrqsajyjebkn2ra1pqqq27tg2w353vkshj25yfj0yb7ag&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3mTlFrXIY5HnLdPt3wOWw6ywBpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTY5MTE5NjQ0NDE3MTIyMDjIAQmpAj5PGK7wGrI-qAMBqgTAAU_QbJoKzDFXt77WXxDfewcfdG2yNAJTyDs1IfwptfOokSwA925yo6j-A2YdcDjzN-IS6OOdYBKU6m6iTEWrbIkg1km5lwTnmzD3ZmNMi1oFZaSF0OHLv0hx2tZyoh2jNGNEWZnkF4aomAt--qZX4iV85EmiJ8OlXZFWeR2oxrm_MqkgMr--5mYt0TRL47LNXx6k4KOwK9VhqyoNLmgUSS4zAwHOqGC1KNXr0AX0181R6zbmhlSLlxwZO4IYKGlUJoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1tfEVPS0bCVQhHfqpdQMWpZNHTRw%26client%3Dca-pub-6911964441712208%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 78bc63738bb830f9-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 03:12:23 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 149ms
149ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 Jan 2023 03:12:23 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 03A0 9 KB
4 KB 69ms
68ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=0732c46b3adff01fd0ad0e2b6915a6bb%2F8945317273360721031&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674097943605&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kr96cjdryfaaw9qjx0p5yfqe60r593arh7jfdsfs08bjmseeqry2jnp5y25718gc9eaxy65gd332etksk1wmh1vz251mzc03z5h3ep2fxz5b7d2zgsvhdn4c0kdrmxj6mc4nrjrgvkvda3qnpnp6sz0t6f2njzz531x321zxca4xg9ytkn3znd0ep37edrnpg92abegg908ksg321gc95b9tstr89fzf4jkad2sap4vn0ghwq65cmgxcre5yw412sec0t1d4y0rnxecj98g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6y7gFrXIY6aeLaWUjuwPrKyFuAeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi02OTExOTY0NDQxNzEyMjA4yAEJqQI-Txiu8BqyPqgDAaoEwAFP0GJfRDEikY2CJpACA5fr6lpPEum1qL8U9L5nkbsytCykVz6ws9G4h35bnV_Ei4MgH7iqkceVlc3lycjiTQWirlkBJT1ttM9HuLRbbsm8IDMXFpyQLAPAATVBq_SDVHM6408RjTu4p0ZVqOyUCkOjNQwgP53IEgUCcFw4AFt4e6YHetXzmvhgWcPzBratRTlK_0G0KaU-37rGDSf0sF83aV1OudTHBtGxRU3wMCnAikbCRJVy13r6koE2ZkisgemABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3abApGa6iIOA6yrGBrNVSkuZt2LA%2526client%253Dca-pub-6911964441712208%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96e1c06e34326474a76d1afca4b5c75e824e6608eea940a79c93f47131d9f791

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hh246b6066mxpxcqmyee7h77tdd7wdbrds6kjwb579dychndw3jh1se5w0y76h080z12d6p45exfty4h0gbds68thz5meawxd8dfqrzhk6qvtscqck22g5dwgvaedxb9pgh45xqy48z2xtevfp7v6cs64pjrgp4ev0yxf1xw2qv0f03zsgrhf9b63grt6yv5ee0ktan5esb13hfbxbbhmzrr5b8sjj01fafp6w216kg0bzjw8dkkrtjh3nykas72vy1h0tpkjjvn9xkq8ztxt658qabk7162bb82sdxatwheze9q2t5wnezdt28v0g9047ycdkg0tgk9qr276h1zegggcm317vh2b653pbcgmtrb12zfcd89q6b7d1yxfvkezvvq764gyg79cwr8m5jrf4ged0mjzj3qjchg7phwxc52nhkhgkm0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6y7gFrXIY6aeLaWUjuwPrKyFuAeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi02OTExOTY0NDQxNzEyMjA4yAEJqQI-Txiu8BqyPqgDAaoEwAFP0GJfRDEikY2CJpACA5fr6lpPEum1qL8U9L5nkbsytCykVz6ws9G4h35bnV_Ei4MgH7iqkceVlc3lycjiTQWirlkBJT1ttM9HuLRbbsm8IDMXFpyQLAPAATVBq_SDVHM6408RjTu4p0ZVqOyUCkOjNQwgP53IEgUCcFw4AFt4e6YHetXzmvhgWcPzBratRTlK_0G0KaU-37rGDSf0sF83aV1OudTHBtGxRU3wMCnAikbCRJVy13r6koE2ZkisgemABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3abApGa6iIOA6yrGBrNVSkuZt2LA%26client%3Dca-pub-6911964441712208%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 78bc6373dbeb30f9-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 03:12:23 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.28/one-ad/ Frame 564F 90 KB
12 KB 48ms
48ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451&b=Bg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkG&f=jEYUEfGfQ3KhYHEH2tWCg7WhZSzTDekfbX&c=320&d=50&e=&g=5c12bc296ead293f27708cd6930bd6be%2F14264312211520795708&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1674097943551&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gnhvmfce26r9r0v3zafcapvap1mjhqd1wp9509yvvx59wc5h7epxn5ydfz7htt3vpx86krf3ar5f29t8wvyejhmk5ja6pr44epqmk50mds9b5q1qy3jmwjyh40xmxsja94r2r507yj7097330tmwy09z3pqdrpqwafha53ty3tsj693vq4wwk72bs2vha40s7yh6jkq750nraxnjr67parxetvtx38gyh9vdhdkh4gemwega220e9zbq2zkbaxyw5amed2vzrr7re4r3zz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCg8JiFrXIY8rqLeH33wPLj6a4BJDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTY5MTE5NjQ0NDE3MTIyMDjIAQmpAj5PGK7wGrI-qAMBqgS_AU_QzudXc0vLPRUwAz-rEVp3YbQ5oCzw8Bz5AubV5kUihvLiot1HxkVXOoi9gGq5lExA1dR4srMepDMPDnM_OSyKfNGBXS6CM4ucGeSvV9Qf8uZ09V0-Qs08XzmMwpfl8rIQdFOfI_FDzlp23sjhGyNfrw6FJH1_bnufjgabpXftT067HXWZHkb5Q7YmoB1Hi-2vGfLe9sD6VicmO5oIR9ioJQ8MSGWRxpgjprnzHUBGPfrFAiAdqXp5aeHYAICrgAbAi8bAzNaNur0BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2_iDVHIIlmg2OnQd3yRnf1YALGwQ%2526client%253Dca-pub-6911964441712208%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc78d0ae04e90f166274e27a8af76d6a676cbf360f682f3993ef4b453ee5d598

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=22451&b=Bg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkG&f=jEYUEfGfQ3KhYHEH2tWCg7WhZSzTDekfbX&c=320&d=50&e=&g=5c12bc296ead293f27708cd6930bd6be%2F14264312211520795708&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1674097943551&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gnhvmfce26r9r0v3zafcapvap1mjhqd1wp9509yvvx59wc5h7epxn5ydfz7htt3vpx86krf3ar5f29t8wvyejhmk5ja6pr44epqmk50mds9b5q1qy3jmwjyh40xmxsja94r2r507yj7097330tmwy09z3pqdrpqwafha53ty3tsj693vq4wwk72bs2vha40s7yh6jkq750nraxnjr67parxetvtx38gyh9vdhdkh4gemwega220e9zbq2zkbaxyw5amed2vzrr7re4r3zz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCg8JiFrXIY8rqLeH33wPLj6a4BJDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTY5MTE5NjQ0NDE3MTIyMDjIAQmpAj5PGK7wGrI-qAMBqgS_AU_QzudXc0vLPRUwAz-rEVp3YbQ5oCzw8Bz5AubV5kUihvLiot1HxkVXOoi9gGq5lExA1dR4srMepDMPDnM_OSyKfNGBXS6CM4ucGeSvV9Qf8uZ09V0-Qs08XzmMwpfl8rIQdFOfI_FDzlp23sjhGyNfrw6FJH1_bnufjgabpXftT067HXWZHkb5Q7YmoB1Hi-2vGfLe9sD6VicmO5oIR9ioJQ8MSGWRxpgjprnzHUBGPfrFAiAdqXp5aeHYAICrgAbAi8bAzNaNur0BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2_iDVHIIlmg2OnQd3yRnf1YALGwQ%2526client%253Dca-pub-6911964441712208%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674054542
age: 43096
cf-polished: origSize=92334
x-guploader-uploadid: ADPycduOIlCudx-XVm5qLJi8OhY2jaf2lPA8q3ch1u6Nvu_xQSn08NrWkH7ortp-rZRuBMU9kt_cX7NUmpL0qskSxV4pk8f0m1q2
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 18 Jan 2023 15:09:31 GMT
server: cloudflare
etag: W/"c37ad1fc922bacd7adf1cb37da63f83c"
vary: Accept-Encoding
x-goog-generation: 1674054571046429
content-type: text/css
x-goog-hash: crc32c=4A2ZRg==, md5=w3rR/JIrrNet8cs32mP4PA==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sm8uB75ETIPvKpt1a978m3xbSkhnncxhKAjs1XpJLEqJ7fOU52ZRJZEgzEoO%2FlxkWtA%2FTksA%2FS9tosg3ZMU%2F5mIfZ0AmUVnc%2Bpw5Kk3YL4XFlnTQyqAQD5akMn7OyX75IOsplbr5nsM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 92334
cf-ray: 78bc6373ebf730f9-FRA
expires: Thu, 19 Jan 2023 04:12:23 GMT

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 564F 8 KB
9 KB 69ms
59ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451&b=Bg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkG&f=jEYUEfGfQ3KhYHEH2tWCg7WhZSzTDekfbX&c=320&d=50&e=&g=5c12bc296ead293f27708cd6930bd6be%2F14264312211520795708&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1674097943551&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gnhvmfce26r9r0v3zafcapvap1mjhqd1wp9509yvvx59wc5h7epxn5ydfz7htt3vpx86krf3ar5f29t8wvyejhmk5ja6pr44epqmk50mds9b5q1qy3jmwjyh40xmxsja94r2r507yj7097330tmwy09z3pqdrpqwafha53ty3tsj693vq4wwk72bs2vha40s7yh6jkq750nraxnjr67parxetvtx38gyh9vdhdkh4gemwega220e9zbq2zkbaxyw5amed2vzrr7re4r3zz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCg8JiFrXIY8rqLeH33wPLj6a4BJDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTY5MTE5NjQ0NDE3MTIyMDjIAQmpAj5PGK7wGrI-qAMBqgS_AU_QzudXc0vLPRUwAz-rEVp3YbQ5oCzw8Bz5AubV5kUihvLiot1HxkVXOoi9gGq5lExA1dR4srMepDMPDnM_OSyKfNGBXS6CM4ucGeSvV9Qf8uZ09V0-Qs08XzmMwpfl8rIQdFOfI_FDzlp23sjhGyNfrw6FJH1_bnufjgabpXftT067HXWZHkb5Q7YmoB1Hi-2vGfLe9sD6VicmO5oIR9ioJQ8MSGWRxpgjprnzHUBGPfrFAiAdqXp5aeHYAICrgAbAi8bAzNaNur0BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2_iDVHIIlmg2OnQd3yRnf1YALGwQ%2526client%253Dca-pub-6911964441712208%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 257166
cf-polished: qual=85, origFmt=jpeg, origSize=16723
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8354
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HcTwSfFUBGeCeVKCXkerIgcVEa8usYaW5WpHOVJbETGR7E93ARwhtB2a0WPZ00aGrr%2F48De7RV1f9r9POBQuBXZNunDFU3oxgon0IoDDITlb9vpf%2Frah1DujFwfjoJayWyiJguJKneSvUST%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78bc6373fc95927d-FRA
expires: Fri, 20 Jan 2023 03:12:23 GMT

GET
H2 200 FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame 564F 30 KB
30 KB 57ms
57ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451&b=Bg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkG&f=jEYUEfGfQ3KhYHEH2tWCg7WhZSzTDekfbX&c=320&d=50&e=&g=5c12bc296ead293f27708cd6930bd6be%2F14264312211520795708&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1674097943551&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gnhvmfce26r9r0v3zafcapvap1mjhqd1wp9509yvvx59wc5h7epxn5ydfz7htt3vpx86krf3ar5f29t8wvyejhmk5ja6pr44epqmk50mds9b5q1qy3jmwjyh40xmxsja94r2r507yj7097330tmwy09z3pqdrpqwafha53ty3tsj693vq4wwk72bs2vha40s7yh6jkq750nraxnjr67parxetvtx38gyh9vdhdkh4gemwega220e9zbq2zkbaxyw5amed2vzrr7re4r3zz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCg8JiFrXIY8rqLeH33wPLj6a4BJDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTY5MTE5NjQ0NDE3MTIyMDjIAQmpAj5PGK7wGrI-qAMBqgS_AU_QzudXc0vLPRUwAz-rEVp3YbQ5oCzw8Bz5AubV5kUihvLiot1HxkVXOoi9gGq5lExA1dR4srMepDMPDnM_OSyKfNGBXS6CM4ucGeSvV9Qf8uZ09V0-Qs08XzmMwpfl8rIQdFOfI_FDzlp23sjhGyNfrw6FJH1_bnufjgabpXftT067HXWZHkb5Q7YmoB1Hi-2vGfLe9sD6VicmO5oIR9ioJQ8MSGWRxpgjprnzHUBGPfrFAiAdqXp5aeHYAICrgAbAi8bAzNaNur0BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2_iDVHIIlmg2OnQd3yRnf1YALGwQ%2526client%253Dca-pub-6911964441712208%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2445635
cf-polished: qual=85, origFmt=jpeg, origSize=81547
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30226
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Apr 2020 08:50:22 GMT
server: cloudflare
etag: "f7c8b1c28756e1f042414e043a02e1fa"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hx3uVEMV0udbcFZp1VbKxxRn%2BWKtBG3uY6LK%2FhNFynUd%2FfPjBsdzH%2FvkLMGD72AsjA7ctE6cAbDTjAMVJDwhleEGwNX%2F00HGQCbcAPK7178cm64xjC71A%2BoM57NoNr9Ksafk8vwb%2BPgC2s3w"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78bc6373fc97927d-FRA
expires: Fri, 20 Jan 2023 03:12:23 GMT

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 564F
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CNC1jOrU0vwCFYvTEQgdFZEGYg;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidBg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkGoneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1674097944_18406780-97a7-11ed-ad94-2233c4476c8a

0
517 B

156ms
41ms

Image
text/plain

87.118.116.9
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1674097944_18406780-97a7-11ed-ad94-2233c4476c8a
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451&b=Bg3tgfPfABXFxH6H3t9t3DWHjSeTmP3UkG&f=jEYUEfGfQ3KhYHEH2tWCg7WhZSzTDekfbX&c=320&d=50&e=&g=5c12bc296ead293f27708cd6930bd6be%2F14264312211520795708&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1674097943551&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gnhvmfce26r9r0v3zafcapvap1mjhqd1wp9509yvvx59wc5h7epxn5ydfz7htt3vpx86krf3ar5f29t8wvyejhmk5ja6pr44epqmk50mds9b5q1qy3jmwjyh40xmxsja94r2r507yj7097330tmwy09z3pqdrpqwafha53ty3tsj693vq4wwk72bs2vha40s7yh6jkq750nraxnjr67parxetvtx38gyh9vdhdkh4gemwega220e9zbq2zkbaxyw5amed2vzrr7re4r3zz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCg8JiFrXIY8rqLeH33wPLj6a4BJDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTY5MTE5NjQ0NDE3MTIyMDjIAQmpAj5PGK7wGrI-qAMBqgS_AU_QzudXc0vLPRUwAz-rEVp3YbQ5oCzw8Bz5AubV5kUihvLiot1HxkVXOoi9gGq5lExA1dR4srMepDMPDnM_OSyKfNGBXS6CM4ucGeSvV9Qf8uZ09V0-Qs08XzmMwpfl8rIQdFOfI_FDzlp23sjhGyNfrw6FJH1_bnufjgabpXftT067HXWZHkb5Q7YmoB1Hi-2vGfLe9sD6VicmO5oIR9ioJQ8MSGWRxpgjprnzHUBGPfrFAiAdqXp5aeHYAICrgAbAi8bAzNaNur0BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2_iDVHIIlmg2OnQd3yRnf1YALGwQ%2526client%253Dca-pub-6911964441712208%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 87.118.116.9 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: km36617.keymachine.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Jan 2023 03:12:24 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Thu, 19 Jan 2023 03:12:24 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1674097944_18406780-97a7-11ed-ad94-2233c4476c8a
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.28/one-ad/ Frame 9B73 90 KB
12 KB 49ms
48ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=701fcf1505dce5112a7d95dc4781a40e%2F3833383824800334967&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674097943552&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jb5aq3sghsj5hh4jb0x4whdqf1b1hem2bv7ha691sb6vprq38gqvz6s7979wk6yaq3et4xb6mjewbq9ec639jq0mabr95hd0bcz1wmrhxrhcm34pv2sxge8dpjxmh19677z4w6chgd1fm8mpx027n6rg77n5qyhp20yr8gr5afs0z9938rrzw8c54sqajj75wchzk0398z08m150r5fzyz7178xgve5m4w85jpngvenj65a5krkadjwe8hh9hzjsd6p7zmj9evjgtb2g6f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3mTlFrXIY5HnLdPt3wOWw6ywBpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTY5MTE5NjQ0NDE3MTIyMDjIAQmpAj5PGK7wGrI-qAMBqgTAAU_QbJoKzDFXt77WXxDfewcfdG2yNAJTyDs1IfwptfOokSwA925yo6j-A2YdcDjzN-IS6OOdYBKU6m6iTEWrbIkg1km5lwTnmzD3ZmNMi1oFZaSF0OHLv0hx2tZyoh2jNGNEWZnkF4aomAt--qZX4iV85EmiJ8OlXZFWeR2oxrm_MqkgMr--5mYt0TRL47LNXx6k4KOwK9VhqyoNLmgUSS4zAwHOqGC1KNXr0AX0181R6zbmhlSLlxwZO4IYKGlUJoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1tfEVPS0bCVQhHfqpdQMWpZNHTRw%2526client%253Dca-pub-6911964441712208%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc78d0ae04e90f166274e27a8af76d6a676cbf360f682f3993ef4b453ee5d598

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=701fcf1505dce5112a7d95dc4781a40e%2F3833383824800334967&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674097943552&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jb5aq3sghsj5hh4jb0x4whdqf1b1hem2bv7ha691sb6vprq38gqvz6s7979wk6yaq3et4xb6mjewbq9ec639jq0mabr95hd0bcz1wmrhxrhcm34pv2sxge8dpjxmh19677z4w6chgd1fm8mpx027n6rg77n5qyhp20yr8gr5afs0z9938rrzw8c54sqajj75wchzk0398z08m150r5fzyz7178xgve5m4w85jpngvenj65a5krkadjwe8hh9hzjsd6p7zmj9evjgtb2g6f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3mTlFrXIY5HnLdPt3wOWw6ywBpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTY5MTE5NjQ0NDE3MTIyMDjIAQmpAj5PGK7wGrI-qAMBqgTAAU_QbJoKzDFXt77WXxDfewcfdG2yNAJTyDs1IfwptfOokSwA925yo6j-A2YdcDjzN-IS6OOdYBKU6m6iTEWrbIkg1km5lwTnmzD3ZmNMi1oFZaSF0OHLv0hx2tZyoh2jNGNEWZnkF4aomAt--qZX4iV85EmiJ8OlXZFWeR2oxrm_MqkgMr--5mYt0TRL47LNXx6k4KOwK9VhqyoNLmgUSS4zAwHOqGC1KNXr0AX0181R6zbmhlSLlxwZO4IYKGlUJoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1tfEVPS0bCVQhHfqpdQMWpZNHTRw%2526client%253Dca-pub-6911964441712208%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674054542
age: 43096
cf-polished: origSize=92334
x-guploader-uploadid: ADPycduOIlCudx-XVm5qLJi8OhY2jaf2lPA8q3ch1u6Nvu_xQSn08NrWkH7ortp-rZRuBMU9kt_cX7NUmpL0qskSxV4pk8f0m1q2
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 18 Jan 2023 15:09:31 GMT
server: cloudflare
etag: W/"c37ad1fc922bacd7adf1cb37da63f83c"
vary: Accept-Encoding
x-goog-generation: 1674054571046429
content-type: text/css
x-goog-hash: crc32c=4A2ZRg==, md5=w3rR/JIrrNet8cs32mP4PA==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AzfTvABYWVqjL6bUw%2Fyem9xjfUCm62nSfXPRQbRx5EhuiutoSw4jl%2FXAbZ%2BSqz1Vpwhsh3oo8%2BCtbqBk7R4YGUU1Hkf%2BtI8T7xlgj9X9zfaHJeyej6fUALsdOTUrVYuDI%2BJWFlczBVs%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 92334
cf-ray: 78bc6373fc0030f9-FRA
expires: Thu, 19 Jan 2023 04:12:23 GMT

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 9B73 53 KB
54 KB 47ms
46ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=701fcf1505dce5112a7d95dc4781a40e%2F3833383824800334967&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674097943552&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jb5aq3sghsj5hh4jb0x4whdqf1b1hem2bv7ha691sb6vprq38gqvz6s7979wk6yaq3et4xb6mjewbq9ec639jq0mabr95hd0bcz1wmrhxrhcm34pv2sxge8dpjxmh19677z4w6chgd1fm8mpx027n6rg77n5qyhp20yr8gr5afs0z9938rrzw8c54sqajj75wchzk0398z08m150r5fzyz7178xgve5m4w85jpngvenj65a5krkadjwe8hh9hzjsd6p7zmj9evjgtb2g6f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3mTlFrXIY5HnLdPt3wOWw6ywBpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTY5MTE5NjQ0NDE3MTIyMDjIAQmpAj5PGK7wGrI-qAMBqgTAAU_QbJoKzDFXt77WXxDfewcfdG2yNAJTyDs1IfwptfOokSwA925yo6j-A2YdcDjzN-IS6OOdYBKU6m6iTEWrbIkg1km5lwTnmzD3ZmNMi1oFZaSF0OHLv0hx2tZyoh2jNGNEWZnkF4aomAt--qZX4iV85EmiJ8OlXZFWeR2oxrm_MqkgMr--5mYt0TRL47LNXx6k4KOwK9VhqyoNLmgUSS4zAwHOqGC1KNXr0AX0181R6zbmhlSLlxwZO4IYKGlUJoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1tfEVPS0bCVQhHfqpdQMWpZNHTRw%2526client%253Dca-pub-6911964441712208%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2099731
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54564
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DiqV8a6iOYpOohKPW2e4sEzGxAImchBCxq4AjL2FIY2m2aq6gMyeyN816VhtowWuB4w4x3FzLNyPwxMAoiAYPqW3gyZpzy4AJzQDaU7YusG2U24D3r0G%2Bym8fLX5A7hrtgG26JelXoUM2bAn"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78bc6373fc96927d-FRA
expires: Fri, 20 Jan 2023 03:12:23 GMT

GET
H2 200 F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 9B73 23 KB
23 KB 56ms
54ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=701fcf1505dce5112a7d95dc4781a40e%2F3833383824800334967&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674097943552&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jb5aq3sghsj5hh4jb0x4whdqf1b1hem2bv7ha691sb6vprq38gqvz6s7979wk6yaq3et4xb6mjewbq9ec639jq0mabr95hd0bcz1wmrhxrhcm34pv2sxge8dpjxmh19677z4w6chgd1fm8mpx027n6rg77n5qyhp20yr8gr5afs0z9938rrzw8c54sqajj75wchzk0398z08m150r5fzyz7178xgve5m4w85jpngvenj65a5krkadjwe8hh9hzjsd6p7zmj9evjgtb2g6f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3mTlFrXIY5HnLdPt3wOWw6ywBpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTY5MTE5NjQ0NDE3MTIyMDjIAQmpAj5PGK7wGrI-qAMBqgTAAU_QbJoKzDFXt77WXxDfewcfdG2yNAJTyDs1IfwptfOokSwA925yo6j-A2YdcDjzN-IS6OOdYBKU6m6iTEWrbIkg1km5lwTnmzD3ZmNMi1oFZaSF0OHLv0hx2tZyoh2jNGNEWZnkF4aomAt--qZX4iV85EmiJ8OlXZFWeR2oxrm_MqkgMr--5mYt0TRL47LNXx6k4KOwK9VhqyoNLmgUSS4zAwHOqGC1KNXr0AX0181R6zbmhlSLlxwZO4IYKGlUJoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1tfEVPS0bCVQhHfqpdQMWpZNHTRw%2526client%253Dca-pub-6911964441712208%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 254466
cf-polished: qual=85, origFmt=jpeg, origSize=132437
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23154
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Dec 2021 17:51:23 GMT
server: cloudflare
etag: "c348b177953ac5720836c04e1a21673d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pR%2BOF8EWgQJGZfpZJ5kvNA%2Bjwor3PUBtXXC4Uh9Ou2HfxK5Xgvp5famL4fzDRaHcXsmVMQolhdfcsG9nl2Fu%2BqgaNS8Vt%2F5LmIYIVBH5WZ1oAy4sS%2BSiWqd2E5TXHwzbRQhhVk8NSAThO%2BAo"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78bc63740c9f927d-FRA
expires: Fri, 20 Jan 2023 03:12:23 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 9B73
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CI_RkurU0vwCFVKRewod1QMNYg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023011904122480615901105X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Ne...

49 B
1 KB

234ms
45ms

Image
image/gif

46.4.62.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023011904122480615901105X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2023011904122480615901105X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=120211&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=701fcf1505dce5112a7d95dc4781a40e%2F3833383824800334967&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674097943552&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jb5aq3sghsj5hh4jb0x4whdqf1b1hem2bv7ha691sb6vprq38gqvz6s7979wk6yaq3et4xb6mjewbq9ec639jq0mabr95hd0bcz1wmrhxrhcm34pv2sxge8dpjxmh19677z4w6chgd1fm8mpx027n6rg77n5qyhp20yr8gr5afs0z9938rrzw8c54sqajj75wchzk0398z08m150r5fzyz7178xgve5m4w85jpngvenj65a5krkadjwe8hh9hzjsd6p7zmj9evjgtb2g6f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3mTlFrXIY5HnLdPt3wOWw6ywBpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTY5MTE5NjQ0NDE3MTIyMDjIAQmpAj5PGK7wGrI-qAMBqgTAAU_QbJoKzDFXt77WXxDfewcfdG2yNAJTyDs1IfwptfOokSwA925yo6j-A2YdcDjzN-IS6OOdYBKU6m6iTEWrbIkg1km5lwTnmzD3ZmNMi1oFZaSF0OHLv0hx2tZyoh2jNGNEWZnkF4aomAt--qZX4iV85EmiJ8OlXZFWeR2oxrm_MqkgMr--5mYt0TRL47LNXx6k4KOwK9VhqyoNLmgUSS4zAwHOqGC1KNXr0AX0181R6zbmhlSLlxwZO4IYKGlUJoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1tfEVPS0bCVQhHfqpdQMWpZNHTRw%2526client%253Dca-pub-6911964441712208%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 46.4.62.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads4.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 03:12:24 GMT
X-NODEIP: 46.4.62.19
Server: nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023011904122480615901105X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2023011904122480615901105X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=120211&partnerid=12218
date: Thu, 19 Jan 2023 03:12:24 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 9B73 9 KB
9 KB 55ms
54ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=701fcf1505dce5112a7d95dc4781a40e%2F3833383824800334967&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674097943552&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jb5aq3sghsj5hh4jb0x4whdqf1b1hem2bv7ha691sb6vprq38gqvz6s7979wk6yaq3et4xb6mjewbq9ec639jq0mabr95hd0bcz1wmrhxrhcm34pv2sxge8dpjxmh19677z4w6chgd1fm8mpx027n6rg77n5qyhp20yr8gr5afs0z9938rrzw8c54sqajj75wchzk0398z08m150r5fzyz7178xgve5m4w85jpngvenj65a5krkadjwe8hh9hzjsd6p7zmj9evjgtb2g6f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3mTlFrXIY5HnLdPt3wOWw6ywBpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTY5MTE5NjQ0NDE3MTIyMDjIAQmpAj5PGK7wGrI-qAMBqgTAAU_QbJoKzDFXt77WXxDfewcfdG2yNAJTyDs1IfwptfOokSwA925yo6j-A2YdcDjzN-IS6OOdYBKU6m6iTEWrbIkg1km5lwTnmzD3ZmNMi1oFZaSF0OHLv0hx2tZyoh2jNGNEWZnkF4aomAt--qZX4iV85EmiJ8OlXZFWeR2oxrm_MqkgMr--5mYt0TRL47LNXx6k4KOwK9VhqyoNLmgUSS4zAwHOqGC1KNXr0AX0181R6zbmhlSLlxwZO4IYKGlUJoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1tfEVPS0bCVQhHfqpdQMWpZNHTRw%2526client%253Dca-pub-6911964441712208%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2092920
cf-polished: origFmt=png, origSize=24833
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9258
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=15K0TJ2bfW4G4v1yrBxVMPOrPQGNFnSmj2UB6Hpc9bfGi60BFBj8pnulqJKj8ghQtyN%2BdPBvP49WSds7J9ArctwXXQydDs6I%2FrqtisQ8BKbFPIoY4gpmjcc5aQPDVc14lxseq7B%2F6MORRUHY"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78bc63740ca0927d-FRA
expires: Fri, 20 Jan 2023 03:12:23 GMT

GET
H2 200 FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
assets.ad4m.at/product_image/ Frame 9B73 20 KB
20 KB 55ms
54ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=701fcf1505dce5112a7d95dc4781a40e%2F3833383824800334967&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674097943552&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jb5aq3sghsj5hh4jb0x4whdqf1b1hem2bv7ha691sb6vprq38gqvz6s7979wk6yaq3et4xb6mjewbq9ec639jq0mabr95hd0bcz1wmrhxrhcm34pv2sxge8dpjxmh19677z4w6chgd1fm8mpx027n6rg77n5qyhp20yr8gr5afs0z9938rrzw8c54sqajj75wchzk0398z08m150r5fzyz7178xgve5m4w85jpngvenj65a5krkadjwe8hh9hzjsd6p7zmj9evjgtb2g6f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3mTlFrXIY5HnLdPt3wOWw6ywBpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTY5MTE5NjQ0NDE3MTIyMDjIAQmpAj5PGK7wGrI-qAMBqgTAAU_QbJoKzDFXt77WXxDfewcfdG2yNAJTyDs1IfwptfOokSwA925yo6j-A2YdcDjzN-IS6OOdYBKU6m6iTEWrbIkg1km5lwTnmzD3ZmNMi1oFZaSF0OHLv0hx2tZyoh2jNGNEWZnkF4aomAt--qZX4iV85EmiJ8OlXZFWeR2oxrm_MqkgMr--5mYt0TRL47LNXx6k4KOwK9VhqyoNLmgUSS4zAwHOqGC1KNXr0AX0181R6zbmhlSLlxwZO4IYKGlUJoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1tfEVPS0bCVQhHfqpdQMWpZNHTRw%2526client%253Dca-pub-6911964441712208%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 119391
cf-polished: qual=85, origFmt=jpeg, origSize=85977
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20094
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 16:38:50 GMT
server: cloudflare
etag: "115bea0885590f780802fd14548a1cde"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mJvqs0im4K56V9KxzGBiaTfkbcszBcbnOkqEIwTLhzUWUCm5jwtZBy6ZZyYLcmjZ3nwTL7LQu2NBTybnxXhRGmZo5WvArvN5DlrMnFZB6M88vcIcC0FWmKAqeBdeJgwMQRlJkehqHyucVA%2FV"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78bc63740ca1927d-FRA
expires: Fri, 20 Jan 2023 03:12:23 GMT

GET
H/1.1

200
OK

/
partner.blau.de/a/ Frame 9B73
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CKvDjOrU0vwCFTWC_Qcd-jcGpg;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023011904122480615901107X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netm...

49 B
1 KB

222ms
48ms

Image
image/gif

46.4.62.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023011904122480615901107X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=701fcf1505dce5112a7d95dc4781a40e%2F3833383824800334967&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674097943552&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jb5aq3sghsj5hh4jb0x4whdqf1b1hem2bv7ha691sb6vprq38gqvz6s7979wk6yaq3et4xb6mjewbq9ec639jq0mabr95hd0bcz1wmrhxrhcm34pv2sxge8dpjxmh19677z4w6chgd1fm8mpx027n6rg77n5qyhp20yr8gr5afs0z9938rrzw8c54sqajj75wchzk0398z08m150r5fzyz7178xgve5m4w85jpngvenj65a5krkadjwe8hh9hzjsd6p7zmj9evjgtb2g6f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3mTlFrXIY5HnLdPt3wOWw6ywBpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTY5MTE5NjQ0NDE3MTIyMDjIAQmpAj5PGK7wGrI-qAMBqgTAAU_QbJoKzDFXt77WXxDfewcfdG2yNAJTyDs1IfwptfOokSwA925yo6j-A2YdcDjzN-IS6OOdYBKU6m6iTEWrbIkg1km5lwTnmzD3ZmNMi1oFZaSF0OHLv0hx2tZyoh2jNGNEWZnkF4aomAt--qZX4iV85EmiJ8OlXZFWeR2oxrm_MqkgMr--5mYt0TRL47LNXx6k4KOwK9VhqyoNLmgUSS4zAwHOqGC1KNXr0AX0181R6zbmhlSLlxwZO4IYKGlUJoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1tfEVPS0bCVQhHfqpdQMWpZNHTRw%2526client%253Dca-pub-6911964441712208%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 46.4.62.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads4.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 03:12:24 GMT
X-NODEIP: 46.4.62.19
Server: nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023011904122480615901107X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0
date: Thu, 19 Jan 2023 03:12:24 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 9B73 44 KB
44 KB 55ms
55ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=701fcf1505dce5112a7d95dc4781a40e%2F3833383824800334967&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674097943552&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jb5aq3sghsj5hh4jb0x4whdqf1b1hem2bv7ha691sb6vprq38gqvz6s7979wk6yaq3et4xb6mjewbq9ec639jq0mabr95hd0bcz1wmrhxrhcm34pv2sxge8dpjxmh19677z4w6chgd1fm8mpx027n6rg77n5qyhp20yr8gr5afs0z9938rrzw8c54sqajj75wchzk0398z08m150r5fzyz7178xgve5m4w85jpngvenj65a5krkadjwe8hh9hzjsd6p7zmj9evjgtb2g6f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3mTlFrXIY5HnLdPt3wOWw6ywBpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTY5MTE5NjQ0NDE3MTIyMDjIAQmpAj5PGK7wGrI-qAMBqgTAAU_QbJoKzDFXt77WXxDfewcfdG2yNAJTyDs1IfwptfOokSwA925yo6j-A2YdcDjzN-IS6OOdYBKU6m6iTEWrbIkg1km5lwTnmzD3ZmNMi1oFZaSF0OHLv0hx2tZyoh2jNGNEWZnkF4aomAt--qZX4iV85EmiJ8OlXZFWeR2oxrm_MqkgMr--5mYt0TRL47LNXx6k4KOwK9VhqyoNLmgUSS4zAwHOqGC1KNXr0AX0181R6zbmhlSLlxwZO4IYKGlUJoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1tfEVPS0bCVQhHfqpdQMWpZNHTRw%2526client%253Dca-pub-6911964441712208%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 131187
cf-polished: origFmt=png, origSize=65187
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44710
cf-bgj: imgq:85,h2pri
last-modified: Tue, 17 Jan 2023 14:45:52 GMT
server: cloudflare
etag: "99941d3864a6d6ef01023c96e0475815"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZnlXBh1iAq%2FuYwginiOTzxC2k90G5zan1nsSnqtQX9qpORMo7L27wokLQUPrS0deaf2bD3ky65AP4fFAXy%2FvRWf4v7g7HTQx6ImVTpYJIdVBBwzDpOBc%2FeyyP%2BjP0%2FIK%2F5%2Bh1dNUtl0hQDH"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78bc63740ca3927d-FRA
expires: Fri, 20 Jan 2023 03:12:23 GMT

GET
H2 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 9B73 222 KB
222 KB 55ms
54ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=701fcf1505dce5112a7d95dc4781a40e%2F3833383824800334967&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674097943552&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jb5aq3sghsj5hh4jb0x4whdqf1b1hem2bv7ha691sb6vprq38gqvz6s7979wk6yaq3et4xb6mjewbq9ec639jq0mabr95hd0bcz1wmrhxrhcm34pv2sxge8dpjxmh19677z4w6chgd1fm8mpx027n6rg77n5qyhp20yr8gr5afs0z9938rrzw8c54sqajj75wchzk0398z08m150r5fzyz7178xgve5m4w85jpngvenj65a5krkadjwe8hh9hzjsd6p7zmj9evjgtb2g6f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3mTlFrXIY5HnLdPt3wOWw6ywBpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTY5MTE5NjQ0NDE3MTIyMDjIAQmpAj5PGK7wGrI-qAMBqgTAAU_QbJoKzDFXt77WXxDfewcfdG2yNAJTyDs1IfwptfOokSwA925yo6j-A2YdcDjzN-IS6OOdYBKU6m6iTEWrbIkg1km5lwTnmzD3ZmNMi1oFZaSF0OHLv0hx2tZyoh2jNGNEWZnkF4aomAt--qZX4iV85EmiJ8OlXZFWeR2oxrm_MqkgMr--5mYt0TRL47LNXx6k4KOwK9VhqyoNLmgUSS4zAwHOqGC1KNXr0AX0181R6zbmhlSLlxwZO4IYKGlUJoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1tfEVPS0bCVQhHfqpdQMWpZNHTRw%2526client%253Dca-pub-6911964441712208%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1061228
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 226950
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gP5IdvBOEDQvbg5L7D5VMKZ0QPH4w646HSvJiPv0nU2qZiGeNN8IFlldiZReK%2B7R8z7AfS%2BQvxFpzX76uVhWhfUd50SKVe00fG8JDHn%2Bk7mSE4D0B1iGvHcJ3HIN%2BmrKahqqh9KFqp5o18Lk"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78bc63740ca4927d-FRA
expires: Fri, 20 Jan 2023 03:12:23 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame 9B73
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1674097943_1825daa0-97a7-11ed-a520-22653408fd8a&insert=AW&&gdpr=0&gdpr_consent=

0
329 B

159ms
77ms

Image
text/html

2606:4700::6812:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1674097943_1825daa0-97a7-11ed-a520-22653408fd8a&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=701fcf1505dce5112a7d95dc4781a40e%2F3833383824800334967&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674097943552&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jb5aq3sghsj5hh4jb0x4whdqf1b1hem2bv7ha691sb6vprq38gqvz6s7979wk6yaq3et4xb6mjewbq9ec639jq0mabr95hd0bcz1wmrhxrhcm34pv2sxge8dpjxmh19677z4w6chgd1fm8mpx027n6rg77n5qyhp20yr8gr5afs0z9938rrzw8c54sqajj75wchzk0398z08m150r5fzyz7178xgve5m4w85jpngvenj65a5krkadjwe8hh9hzjsd6p7zmj9evjgtb2g6f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3mTlFrXIY5HnLdPt3wOWw6ywBpDhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTY5MTE5NjQ0NDE3MTIyMDjIAQmpAj5PGK7wGrI-qAMBqgTAAU_QbJoKzDFXt77WXxDfewcfdG2yNAJTyDs1IfwptfOokSwA925yo6j-A2YdcDjzN-IS6OOdYBKU6m6iTEWrbIkg1km5lwTnmzD3ZmNMi1oFZaSF0OHLv0hx2tZyoh2jNGNEWZnkF4aomAt--qZX4iV85EmiJ8OlXZFWeR2oxrm_MqkgMr--5mYt0TRL47LNXx6k4KOwK9VhqyoNLmgUSS4zAwHOqGC1KNXr0AX0181R6zbmhlSLlxwZO4IYKGlUJoAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1tfEVPS0bCVQhHfqpdQMWpZNHTRw%2526client%253Dca-pub-6911964441712208%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:24 GMT
via: 1.1 additional-webserver-green-175p (Varnish/7.2)
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000
age: 0
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish: 394139723
content-type: text/html; charset=UTF-8
cache-control: no-cache
server-timing: intid;desc=8b65f3db6d7e089d
cf-ray: 78bc63763e0fbb49-FRA
expires: -1

Redirect headers

Date: Thu, 19 Jan 2023 03:12:23 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1674097943_1825daa0-97a7-11ed-a520-22653408fd8a&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.28/one-ad/ Frame 03A0 90 KB
12 KB 157ms
157ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=0732c46b3adff01fd0ad0e2b6915a6bb%2F8945317273360721031&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674097943605&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kr96cjdryfaaw9qjx0p5yfqe60r593arh7jfdsfs08bjmseeqry2jnp5y25718gc9eaxy65gd332etksk1wmh1vz251mzc03z5h3ep2fxz5b7d2zgsvhdn4c0kdrmxj6mc4nrjrgvkvda3qnpnp6sz0t6f2njzz531x321zxca4xg9ytkn3znd0ep37edrnpg92abegg908ksg321gc95b9tstr89fzf4jkad2sap4vn0ghwq65cmgxcre5yw412sec0t1d4y0rnxecj98g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6y7gFrXIY6aeLaWUjuwPrKyFuAeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi02OTExOTY0NDQxNzEyMjA4yAEJqQI-Txiu8BqyPqgDAaoEwAFP0GJfRDEikY2CJpACA5fr6lpPEum1qL8U9L5nkbsytCykVz6ws9G4h35bnV_Ei4MgH7iqkceVlc3lycjiTQWirlkBJT1ttM9HuLRbbsm8IDMXFpyQLAPAATVBq_SDVHM6408RjTu4p0ZVqOyUCkOjNQwgP53IEgUCcFw4AFt4e6YHetXzmvhgWcPzBratRTlK_0G0KaU-37rGDSf0sF83aV1OudTHBtGxRU3wMCnAikbCRJVy13r6koE2ZkisgemABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3abApGa6iIOA6yrGBrNVSkuZt2LA%2526client%253Dca-pub-6911964441712208%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc78d0ae04e90f166274e27a8af76d6a676cbf360f682f3993ef4b453ee5d598

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=0732c46b3adff01fd0ad0e2b6915a6bb%2F8945317273360721031&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674097943605&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kr96cjdryfaaw9qjx0p5yfqe60r593arh7jfdsfs08bjmseeqry2jnp5y25718gc9eaxy65gd332etksk1wmh1vz251mzc03z5h3ep2fxz5b7d2zgsvhdn4c0kdrmxj6mc4nrjrgvkvda3qnpnp6sz0t6f2njzz531x321zxca4xg9ytkn3znd0ep37edrnpg92abegg908ksg321gc95b9tstr89fzf4jkad2sap4vn0ghwq65cmgxcre5yw412sec0t1d4y0rnxecj98g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6y7gFrXIY6aeLaWUjuwPrKyFuAeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi02OTExOTY0NDQxNzEyMjA4yAEJqQI-Txiu8BqyPqgDAaoEwAFP0GJfRDEikY2CJpACA5fr6lpPEum1qL8U9L5nkbsytCykVz6ws9G4h35bnV_Ei4MgH7iqkceVlc3lycjiTQWirlkBJT1ttM9HuLRbbsm8IDMXFpyQLAPAATVBq_SDVHM6408RjTu4p0ZVqOyUCkOjNQwgP53IEgUCcFw4AFt4e6YHetXzmvhgWcPzBratRTlK_0G0KaU-37rGDSf0sF83aV1OudTHBtGxRU3wMCnAikbCRJVy13r6koE2ZkisgemABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3abApGa6iIOA6yrGBrNVSkuZt2LA%2526client%253Dca-pub-6911964441712208%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674054542
age: 43096
cf-polished: origSize=92334
x-guploader-uploadid: ADPycduOIlCudx-XVm5qLJi8OhY2jaf2lPA8q3ch1u6Nvu_xQSn08NrWkH7ortp-rZRuBMU9kt_cX7NUmpL0qskSxV4pk8f0m1q2
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 18 Jan 2023 15:09:31 GMT
server: cloudflare
etag: W/"c37ad1fc922bacd7adf1cb37da63f83c"
vary: Accept-Encoding
x-goog-generation: 1674054571046429
content-type: text/css
x-goog-hash: crc32c=4A2ZRg==, md5=w3rR/JIrrNet8cs32mP4PA==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VzYwrZRTcm5yhVvd79xRtlxT%2B1DJTMM07U%2FCBwNXZ19OHexoqgKAEKKsOdUmgk2PXb%2Bp%2BvANlx3%2FutZDEHy%2BRD2rIDa064yckt4uot90OFoXokyLiYR7GYRoXKXmFaaX51%2BMmpuMvKw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 92334
cf-ray: 78bc63745c3c30f9-FRA
expires: Thu, 19 Jan 2023 04:12:23 GMT

GET
H3 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 03A0 53 KB
54 KB 46ms
45ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=0732c46b3adff01fd0ad0e2b6915a6bb%2F8945317273360721031&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674097943605&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kr96cjdryfaaw9qjx0p5yfqe60r593arh7jfdsfs08bjmseeqry2jnp5y25718gc9eaxy65gd332etksk1wmh1vz251mzc03z5h3ep2fxz5b7d2zgsvhdn4c0kdrmxj6mc4nrjrgvkvda3qnpnp6sz0t6f2njzz531x321zxca4xg9ytkn3znd0ep37edrnpg92abegg908ksg321gc95b9tstr89fzf4jkad2sap4vn0ghwq65cmgxcre5yw412sec0t1d4y0rnxecj98g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6y7gFrXIY6aeLaWUjuwPrKyFuAeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi02OTExOTY0NDQxNzEyMjA4yAEJqQI-Txiu8BqyPqgDAaoEwAFP0GJfRDEikY2CJpACA5fr6lpPEum1qL8U9L5nkbsytCykVz6ws9G4h35bnV_Ei4MgH7iqkceVlc3lycjiTQWirlkBJT1ttM9HuLRbbsm8IDMXFpyQLAPAATVBq_SDVHM6408RjTu4p0ZVqOyUCkOjNQwgP53IEgUCcFw4AFt4e6YHetXzmvhgWcPzBratRTlK_0G0KaU-37rGDSf0sF83aV1OudTHBtGxRU3wMCnAikbCRJVy13r6koE2ZkisgemABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3abApGa6iIOA6yrGBrNVSkuZt2LA%2526client%253Dca-pub-6911964441712208%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2099731
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54564
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9z5n7earmdu8POSx3Wuja0zWnp3qCR8YIp9208FHfpVPttOFDzvni0GK1OqGnAB2%2FEZlWNodUaXYXKmYVXCxkMrmavBvwoExYr1mGEOjUfFYLWGzbPu0ivdQGB2MaEkH%2Bk27MToslBcKw%2Btl"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78bc63745c3d30f9-FRA
expires: Fri, 20 Jan 2023 03:12:23 GMT

GET
H3 200 F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 03A0 23 KB
23 KB 80ms
79ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=0732c46b3adff01fd0ad0e2b6915a6bb%2F8945317273360721031&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674097943605&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kr96cjdryfaaw9qjx0p5yfqe60r593arh7jfdsfs08bjmseeqry2jnp5y25718gc9eaxy65gd332etksk1wmh1vz251mzc03z5h3ep2fxz5b7d2zgsvhdn4c0kdrmxj6mc4nrjrgvkvda3qnpnp6sz0t6f2njzz531x321zxca4xg9ytkn3znd0ep37edrnpg92abegg908ksg321gc95b9tstr89fzf4jkad2sap4vn0ghwq65cmgxcre5yw412sec0t1d4y0rnxecj98g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6y7gFrXIY6aeLaWUjuwPrKyFuAeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi02OTExOTY0NDQxNzEyMjA4yAEJqQI-Txiu8BqyPqgDAaoEwAFP0GJfRDEikY2CJpACA5fr6lpPEum1qL8U9L5nkbsytCykVz6ws9G4h35bnV_Ei4MgH7iqkceVlc3lycjiTQWirlkBJT1ttM9HuLRbbsm8IDMXFpyQLAPAATVBq_SDVHM6408RjTu4p0ZVqOyUCkOjNQwgP53IEgUCcFw4AFt4e6YHetXzmvhgWcPzBratRTlK_0G0KaU-37rGDSf0sF83aV1OudTHBtGxRU3wMCnAikbCRJVy13r6koE2ZkisgemABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3abApGa6iIOA6yrGBrNVSkuZt2LA%2526client%253Dca-pub-6911964441712208%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 254466
cf-polished: qual=85, origFmt=jpeg, origSize=132437
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23154
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Dec 2021 17:51:23 GMT
server: cloudflare
etag: "c348b177953ac5720836c04e1a21673d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=okXneRD%2FS949sbiJ1%2BhWmnZViCwU0erJ%2FbyAYr4ih9ydItS84PphwlVftFotcXaP8q7Ou3gzdglrNYT8sgsWiq9VJHreDbAUiktIIFi9f3kRCcGsG7WoBNGbEFPMfYw0pB%2BtFjcYpGmIfpOp"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78bc63745c3e30f9-FRA
expires: Fri, 20 Jan 2023 03:12:23 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 03A0
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CI_VkurU0vwCFeHIuwgdITAHBg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023011904122480615901101X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Ne...

49 B
1 KB

235ms
44ms

Image
image/gif

46.4.62.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023011904122480615901101X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2023011904122480615901101X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=120211&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=0732c46b3adff01fd0ad0e2b6915a6bb%2F8945317273360721031&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674097943605&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kr96cjdryfaaw9qjx0p5yfqe60r593arh7jfdsfs08bjmseeqry2jnp5y25718gc9eaxy65gd332etksk1wmh1vz251mzc03z5h3ep2fxz5b7d2zgsvhdn4c0kdrmxj6mc4nrjrgvkvda3qnpnp6sz0t6f2njzz531x321zxca4xg9ytkn3znd0ep37edrnpg92abegg908ksg321gc95b9tstr89fzf4jkad2sap4vn0ghwq65cmgxcre5yw412sec0t1d4y0rnxecj98g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6y7gFrXIY6aeLaWUjuwPrKyFuAeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi02OTExOTY0NDQxNzEyMjA4yAEJqQI-Txiu8BqyPqgDAaoEwAFP0GJfRDEikY2CJpACA5fr6lpPEum1qL8U9L5nkbsytCykVz6ws9G4h35bnV_Ei4MgH7iqkceVlc3lycjiTQWirlkBJT1ttM9HuLRbbsm8IDMXFpyQLAPAATVBq_SDVHM6408RjTu4p0ZVqOyUCkOjNQwgP53IEgUCcFw4AFt4e6YHetXzmvhgWcPzBratRTlK_0G0KaU-37rGDSf0sF83aV1OudTHBtGxRU3wMCnAikbCRJVy13r6koE2ZkisgemABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3abApGa6iIOA6yrGBrNVSkuZt2LA%2526client%253Dca-pub-6911964441712208%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 46.4.62.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads4.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 03:12:24 GMT
X-NODEIP: 46.4.62.19
Server: nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023011904122480615901101X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2023011904122480615901101X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=120211&partnerid=12218
date: Thu, 19 Jan 2023 03:12:24 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 03A0 9 KB
10 KB 153ms
152ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=0732c46b3adff01fd0ad0e2b6915a6bb%2F8945317273360721031&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674097943605&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kr96cjdryfaaw9qjx0p5yfqe60r593arh7jfdsfs08bjmseeqry2jnp5y25718gc9eaxy65gd332etksk1wmh1vz251mzc03z5h3ep2fxz5b7d2zgsvhdn4c0kdrmxj6mc4nrjrgvkvda3qnpnp6sz0t6f2njzz531x321zxca4xg9ytkn3znd0ep37edrnpg92abegg908ksg321gc95b9tstr89fzf4jkad2sap4vn0ghwq65cmgxcre5yw412sec0t1d4y0rnxecj98g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6y7gFrXIY6aeLaWUjuwPrKyFuAeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi02OTExOTY0NDQxNzEyMjA4yAEJqQI-Txiu8BqyPqgDAaoEwAFP0GJfRDEikY2CJpACA5fr6lpPEum1qL8U9L5nkbsytCykVz6ws9G4h35bnV_Ei4MgH7iqkceVlc3lycjiTQWirlkBJT1ttM9HuLRbbsm8IDMXFpyQLAPAATVBq_SDVHM6408RjTu4p0ZVqOyUCkOjNQwgP53IEgUCcFw4AFt4e6YHetXzmvhgWcPzBratRTlK_0G0KaU-37rGDSf0sF83aV1OudTHBtGxRU3wMCnAikbCRJVy13r6koE2ZkisgemABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3abApGa6iIOA6yrGBrNVSkuZt2LA%2526client%253Dca-pub-6911964441712208%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2092920
cf-polished: origFmt=png, origSize=24833
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9258
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X52mpfYEPiGUmHo6Fnl4ZCdJjTeIBGdzrOz7%2BcWgGfHDqgDU3kevkdHuXIfohaMlZiYM9M8LdGezCM%2FUO8PJ8hOgBkAbw2QXafCLd2RuAso8TVskpSbt3VrcXaCGHh0DwtRwGZKtO9Tw9A52"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78bc63746c4030f9-FRA
expires: Fri, 20 Jan 2023 03:12:23 GMT

GET
H3 200 FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
assets.ad4m.at/product_image/ Frame 03A0 20 KB
20 KB 154ms
154ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=0732c46b3adff01fd0ad0e2b6915a6bb%2F8945317273360721031&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674097943605&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kr96cjdryfaaw9qjx0p5yfqe60r593arh7jfdsfs08bjmseeqry2jnp5y25718gc9eaxy65gd332etksk1wmh1vz251mzc03z5h3ep2fxz5b7d2zgsvhdn4c0kdrmxj6mc4nrjrgvkvda3qnpnp6sz0t6f2njzz531x321zxca4xg9ytkn3znd0ep37edrnpg92abegg908ksg321gc95b9tstr89fzf4jkad2sap4vn0ghwq65cmgxcre5yw412sec0t1d4y0rnxecj98g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6y7gFrXIY6aeLaWUjuwPrKyFuAeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi02OTExOTY0NDQxNzEyMjA4yAEJqQI-Txiu8BqyPqgDAaoEwAFP0GJfRDEikY2CJpACA5fr6lpPEum1qL8U9L5nkbsytCykVz6ws9G4h35bnV_Ei4MgH7iqkceVlc3lycjiTQWirlkBJT1ttM9HuLRbbsm8IDMXFpyQLAPAATVBq_SDVHM6408RjTu4p0ZVqOyUCkOjNQwgP53IEgUCcFw4AFt4e6YHetXzmvhgWcPzBratRTlK_0G0KaU-37rGDSf0sF83aV1OudTHBtGxRU3wMCnAikbCRJVy13r6koE2ZkisgemABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3abApGa6iIOA6yrGBrNVSkuZt2LA%2526client%253Dca-pub-6911964441712208%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 119391
cf-polished: qual=85, origFmt=jpeg, origSize=85977
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20094
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 16:38:50 GMT
server: cloudflare
etag: "115bea0885590f780802fd14548a1cde"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rE0c3JPvHT56PYYgo9gS%2Bxgp%2BvpayDKfsuIiOKLQKVDQDTyUlkY0GOOuMAK8oZX9p49KoiqkeABySTu846f2SRsWgVWACJIpink%2FEiXgyQ0szmJxKQo8JItiF3b%2FV2FDu8G2f9U4VQvuZcpM"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78bc63746c4130f9-FRA
expires: Fri, 20 Jan 2023 03:12:23 GMT

GET
H3 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 03A0 44 KB
44 KB 65ms
65ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=0732c46b3adff01fd0ad0e2b6915a6bb%2F8945317273360721031&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674097943605&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kr96cjdryfaaw9qjx0p5yfqe60r593arh7jfdsfs08bjmseeqry2jnp5y25718gc9eaxy65gd332etksk1wmh1vz251mzc03z5h3ep2fxz5b7d2zgsvhdn4c0kdrmxj6mc4nrjrgvkvda3qnpnp6sz0t6f2njzz531x321zxca4xg9ytkn3znd0ep37edrnpg92abegg908ksg321gc95b9tstr89fzf4jkad2sap4vn0ghwq65cmgxcre5yw412sec0t1d4y0rnxecj98g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6y7gFrXIY6aeLaWUjuwPrKyFuAeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi02OTExOTY0NDQxNzEyMjA4yAEJqQI-Txiu8BqyPqgDAaoEwAFP0GJfRDEikY2CJpACA5fr6lpPEum1qL8U9L5nkbsytCykVz6ws9G4h35bnV_Ei4MgH7iqkceVlc3lycjiTQWirlkBJT1ttM9HuLRbbsm8IDMXFpyQLAPAATVBq_SDVHM6408RjTu4p0ZVqOyUCkOjNQwgP53IEgUCcFw4AFt4e6YHetXzmvhgWcPzBratRTlK_0G0KaU-37rGDSf0sF83aV1OudTHBtGxRU3wMCnAikbCRJVy13r6koE2ZkisgemABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3abApGa6iIOA6yrGBrNVSkuZt2LA%2526client%253Dca-pub-6911964441712208%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 131187
cf-polished: origFmt=png, origSize=65187
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44710
cf-bgj: imgq:85,h2pri
last-modified: Tue, 17 Jan 2023 14:45:52 GMT
server: cloudflare
etag: "99941d3864a6d6ef01023c96e0475815"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZulwA8maD9W27qnN6qURl%2Ft3vt33hXi8ADWh%2BlRtdq6mb7uO5tOSQYL2eZCpdvnFVKLngvN5%2BPvo%2FJMvYFaJqEpWwU8ogevML1jRS%2By%2F7fdfaWdkXVImk%2B0fSCz7FTlIBfn8n5Fh2fGkEXoT"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78bc63747c5730f9-FRA
expires: Fri, 20 Jan 2023 03:12:23 GMT

GET
H3 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 03A0 222 KB
222 KB 101ms
101ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=0732c46b3adff01fd0ad0e2b6915a6bb%2F8945317273360721031&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674097943605&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kr96cjdryfaaw9qjx0p5yfqe60r593arh7jfdsfs08bjmseeqry2jnp5y25718gc9eaxy65gd332etksk1wmh1vz251mzc03z5h3ep2fxz5b7d2zgsvhdn4c0kdrmxj6mc4nrjrgvkvda3qnpnp6sz0t6f2njzz531x321zxca4xg9ytkn3znd0ep37edrnpg92abegg908ksg321gc95b9tstr89fzf4jkad2sap4vn0ghwq65cmgxcre5yw412sec0t1d4y0rnxecj98g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6y7gFrXIY6aeLaWUjuwPrKyFuAeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi02OTExOTY0NDQxNzEyMjA4yAEJqQI-Txiu8BqyPqgDAaoEwAFP0GJfRDEikY2CJpACA5fr6lpPEum1qL8U9L5nkbsytCykVz6ws9G4h35bnV_Ei4MgH7iqkceVlc3lycjiTQWirlkBJT1ttM9HuLRbbsm8IDMXFpyQLAPAATVBq_SDVHM6408RjTu4p0ZVqOyUCkOjNQwgP53IEgUCcFw4AFt4e6YHetXzmvhgWcPzBratRTlK_0G0KaU-37rGDSf0sF83aV1OudTHBtGxRU3wMCnAikbCRJVy13r6koE2ZkisgemABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3abApGa6iIOA6yrGBrNVSkuZt2LA%2526client%253Dca-pub-6911964441712208%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1061228
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 226950
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gs7vqI4GuCJ4n%2BzBJJqc1V4fJUlir8EiA6qOe89CsH0QTKgKsXyelB8scUyn7vueVKVFuaGCaVUyMT2GvAbV5S4f4TDMTKwrK%2BOSTGgjFTALHfS%2F81fPA1kmfejyLEfsHVfOyUP%2Fv9FLN7W7"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78bc63747c5830f9-FRA
expires: Fri, 20 Jan 2023 03:12:23 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame 03A0
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1674097943_18247b10-97a7-11ed-ad7b-22332650e18d&insert=AW&&gdpr=0&gdpr_consent=

0
672 B

172ms
69ms

Image
text/html

2606:4700::6812:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1674097943_18247b10-97a7-11ed-ad7b-22332650e18d&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=0732c46b3adff01fd0ad0e2b6915a6bb%2F8945317273360721031&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674097943605&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kr96cjdryfaaw9qjx0p5yfqe60r593arh7jfdsfs08bjmseeqry2jnp5y25718gc9eaxy65gd332etksk1wmh1vz251mzc03z5h3ep2fxz5b7d2zgsvhdn4c0kdrmxj6mc4nrjrgvkvda3qnpnp6sz0t6f2njzz531x321zxca4xg9ytkn3znd0ep37edrnpg92abegg908ksg321gc95b9tstr89fzf4jkad2sap4vn0ghwq65cmgxcre5yw412sec0t1d4y0rnxecj98g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6y7gFrXIY6aeLaWUjuwPrKyFuAeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi02OTExOTY0NDQxNzEyMjA4yAEJqQI-Txiu8BqyPqgDAaoEwAFP0GJfRDEikY2CJpACA5fr6lpPEum1qL8U9L5nkbsytCykVz6ws9G4h35bnV_Ei4MgH7iqkceVlc3lycjiTQWirlkBJT1ttM9HuLRbbsm8IDMXFpyQLAPAATVBq_SDVHM6408RjTu4p0ZVqOyUCkOjNQwgP53IEgUCcFw4AFt4e6YHetXzmvhgWcPzBratRTlK_0G0KaU-37rGDSf0sF83aV1OudTHBtGxRU3wMCnAikbCRJVy13r6koE2ZkisgemABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3abApGa6iIOA6yrGBrNVSkuZt2LA%2526client%253Dca-pub-6911964441712208%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:24 GMT
via: 1.1 additional-webserver-green-g4xh (Varnish/7.2)
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000
age: 0
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish: 253857738
content-type: text/html; charset=UTF-8
cache-control: no-cache
server-timing: intid;desc=44b291be4d777697
cf-ray: 78bc63763e0dbb49-FRA
expires: -1

Redirect headers

Date: Thu, 19 Jan 2023 03:12:23 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1674097943_18247b10-97a7-11ed-ad7b-22332650e18d&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

/
partner.blau.de/a/ Frame 03A0
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CIzBjOrU0vwCFQHddwodW3oEIw;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023011904122480615901103X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0

49 B
1 KB

222ms
47ms

Image
image/gif

46.4.62.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023011904122480615901103X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=0732c46b3adff01fd0ad0e2b6915a6bb%2F8945317273360721031&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674097943605&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kr96cjdryfaaw9qjx0p5yfqe60r593arh7jfdsfs08bjmseeqry2jnp5y25718gc9eaxy65gd332etksk1wmh1vz251mzc03z5h3ep2fxz5b7d2zgsvhdn4c0kdrmxj6mc4nrjrgvkvda3qnpnp6sz0t6f2njzz531x321zxca4xg9ytkn3znd0ep37edrnpg92abegg908ksg321gc95b9tstr89fzf4jkad2sap4vn0ghwq65cmgxcre5yw412sec0t1d4y0rnxecj98g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6y7gFrXIY6aeLaWUjuwPrKyFuAeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi02OTExOTY0NDQxNzEyMjA4yAEJqQI-Txiu8BqyPqgDAaoEwAFP0GJfRDEikY2CJpACA5fr6lpPEum1qL8U9L5nkbsytCykVz6ws9G4h35bnV_Ei4MgH7iqkceVlc3lycjiTQWirlkBJT1ttM9HuLRbbsm8IDMXFpyQLAPAATVBq_SDVHM6408RjTu4p0ZVqOyUCkOjNQwgP53IEgUCcFw4AFt4e6YHetXzmvhgWcPzBratRTlK_0G0KaU-37rGDSf0sF83aV1OudTHBtGxRU3wMCnAikbCRJVy13r6koE2ZkisgemABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3abApGa6iIOA6yrGBrNVSkuZt2LA%2526client%253Dca-pub-6911964441712208%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 46.4.62.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads4.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 03:12:24 GMT
X-NODEIP: 46.4.62.19
Server: nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023011904122480615901103X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
date: Thu, 19 Jan 2023 03:12:24 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

POST
H3 204 AGSKWxVmGtDawqO1hJCArvRLg9ZqvWbUIHqMRbAXH-JKWUJJP2uUC0wjo62hbjlIyVmxO4D6QtMVoSe4f93UsX4bIGo5mTyOIeD_KltBMUYL5wJL7vIOHevQ-nPqac1JdHKXVXky1xFKBw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 85ms
84ms XHR
text/html 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVmGtDawqO1hJCArvRLg9ZqvWbUIHqMRbAXH-JKWUJJP2uUC0wjo62hbjlIyVmxO4D6QtMVoSe4f93UsX4bIGo5mTyOIeD_KltBMUYL5wJL7vIOHevQ-nPqac1JdHKXVXky1xFKBw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nhPnx6TPlIATfW3OGKxJtg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.hitdu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 19 Jan 2023 03:12:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-nhPnx6TPlIATfW3OGKxJtg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.hitdu.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8701 13 KB
5 KB 56ms
55ms Document
text/html 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hitdu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 74442
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 06:31:41 GMT
expires: Thu, 18 Jan 2024 06:31:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 70C8 783 B
534 B 79ms
78ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4dab846e91cbe1bd7e01c3e4c83e2676cb9a9ca0bed18b8c0fc1cd16ab328112

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aSf4n3ukTge3AI4ISBlB-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hitdu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-aSf4n3ukTge3AI4ISBlB-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 03:12:23 GMT
expires: Thu, 19 Jan 2023 03:12:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 8701 36 KB
16 KB 55ms
55ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 02:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Jan 2024 02:12:12 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 70C8 0
0 87ms
87ms Image
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230117&jk=1185084203397526&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 200 topads. Show response
fundingchoicesmessages.google.com/f/AGSKWxVoh32hkBKnWpseUj9Kv6VN27jqXrw2to5B03QcCr2qcmE10s99nr-YEvAn9k7I9ibSNKH-BnXltxce2oue5jixvz4tyevTZrZm1oFJiYps_s6dfIG01SwzBuDiRz17tgunNzV7naw5KBUfJq2Ay8sjEoObn... 54 B
109 B 86ms
86ms Script
application/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVoh32hkBKnWpseUj9Kv6VN27jqXrw2to5B03QcCr2qcmE10s99nr-YEvAn9k7I9ibSNKH-BnXltxce2oue5jixvz4tyevTZrZm1oFJiYps_s6dfIG01SwzBuDiRz17tgunNzV7naw5KBUfJq2Ay8sjEoObnBSG1wqMiYgkTwErGfxokZ0XFtqZwju7/_-advertisement_/videojs.ads-_728x90-_ad_courier./topads.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.0yt_veGFz_8.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMwY8CM_TXPy89lRSavObnZ5CA7mGA/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f3b5a87f90aacaf68f022665d25df4a0776cbe7f32b8cec68a2babec7d2f19e7

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-pvC6Atu-PHCeRjwmMhIzeg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:24 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-pvC6Atu-PHCeRjwmMhIzeg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
93 B 56ms
55ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 10:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 10:07:10 GMT

POST
H3 204 AGSKWxVmGtDawqO1hJCArvRLg9ZqvWbUIHqMRbAXH-JKWUJJP2uUC0wjo62hbjlIyVmxO4D6QtMVoSe4f93UsX4bIGo5mTyOIeD_KltBMUYL5wJL7vIOHevQ-nPqac1JdHKXVXky1xFKBw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 87ms
87ms XHR
text/html 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVmGtDawqO1hJCArvRLg9ZqvWbUIHqMRbAXH-JKWUJJP2uUC0wjo62hbjlIyVmxO4D6QtMVoSe4f93UsX4bIGo5mTyOIeD_KltBMUYL5wJL7vIOHevQ-nPqac1JdHKXVXky1xFKBw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-o7yZcV_zIAcr4Nbb3ml7Lg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.hitdu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 19 Jan 2023 03:12:24 GMT
content-security-policy: script-src 'report-sample' 'nonce-o7yZcV_zIAcr4Nbb3ml7Lg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.hitdu.com
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVmGtDawqO1hJCArvRLg9ZqvWbUIHqMRbAXH-JKWUJJP2uUC0wjo62hbjlIyVmxO4D6QtMVoSe4f93UsX4bIGo5mTyOIeD_KltBMUYL5wJL7vIOHevQ-nPqac1JdHKXVXky1xFKBw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 133ms
133ms XHR
text/html 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVmGtDawqO1hJCArvRLg9ZqvWbUIHqMRbAXH-JKWUJJP2uUC0wjo62hbjlIyVmxO4D6QtMVoSe4f93UsX4bIGo5mTyOIeD_KltBMUYL5wJL7vIOHevQ-nPqac1JdHKXVXky1xFKBw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-56r4HiW2OGAtth4AIrJH6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.hitdu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 19 Jan 2023 03:12:24 GMT
content-security-policy: script-src 'report-sample' 'nonce-56r4HiW2OGAtth4AIrJH6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.hitdu.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVmGtDawqO1hJCArvRLg9ZqvWbUIHqMRbAXH-JKWUJJP2uUC0wjo62hbjlIyVmxO4D6QtMVoSe4f93UsX4bIGo5mTyOIeD_KltBMUYL5wJL7vIOHevQ-nPqac1JdHKXVXky1xFKBw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 157ms
157ms XHR
text/html 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVmGtDawqO1hJCArvRLg9ZqvWbUIHqMRbAXH-JKWUJJP2uUC0wjo62hbjlIyVmxO4D6QtMVoSe4f93UsX4bIGo5mTyOIeD_KltBMUYL5wJL7vIOHevQ-nPqac1JdHKXVXky1xFKBw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EpqmQUS2qHcd9aEOQn0jmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.hitdu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 19 Jan 2023 03:12:24 GMT
content-security-policy: script-src 'report-sample' 'nonce-EpqmQUS2qHcd9aEOQn0jmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.hitdu.com
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVmGtDawqO1hJCArvRLg9ZqvWbUIHqMRbAXH-JKWUJJP2uUC0wjo62hbjlIyVmxO4D6QtMVoSe4f93UsX4bIGo5mTyOIeD_KltBMUYL5wJL7vIOHevQ-nPqac1JdHKXVXky1xFKBw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 184ms
183ms XHR
text/html 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVmGtDawqO1hJCArvRLg9ZqvWbUIHqMRbAXH-JKWUJJP2uUC0wjo62hbjlIyVmxO4D6QtMVoSe4f93UsX4bIGo5mTyOIeD_KltBMUYL5wJL7vIOHevQ-nPqac1JdHKXVXky1xFKBw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jZyz-Co2y-ktN8ija8KTDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.hitdu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 19 Jan 2023 03:12:24 GMT
content-security-policy: script-src 'report-sample' 'nonce-jZyz-Co2y-ktN8ija8KTDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.hitdu.com
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxU1RZt8z-OiQuPQSXYddhYYukAEpQwrueqxHBY349wbaViXPGMJ9Y6caCUcGzOqFZgTk7XdrxJUFIHwifRUGUK36JMeSSrZoQWnzqyKPVaeVES68IUM4Y35luT9cLZgx2_qlJwsfA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 117ms
117ms Script
application/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU1RZt8z-OiQuPQSXYddhYYukAEpQwrueqxHBY349wbaViXPGMJ9Y6caCUcGzOqFZgTk7XdrxJUFIHwifRUGUK36JMeSSrZoQWnzqyKPVaeVES68IUM4Y35luT9cLZgx2_qlJwsfA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc0MDk3OTQ0LDQ0NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDEsMSxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LmhpdGR1LmNvbS8iLG51bGwsW1s4LCIweXRfdmVHRnpfOCJdLFs5LCJkZSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

597e3e07b8674ecbfd70d4fa5e2a19d68fdeb127461820a2b44768442f15c157

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-v27EmJ3GTqnlFnxftoDxyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 03:12:24 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-v27EmJ3GTqnlFnxftoDxyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 91ms
90ms Image
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230117&jk=1185084203397526&bg=!w8ClwITNAAYDMoyoIzI7ACkAdvg8Wp1UqGWCm_8zUJxWyJ0UfIdMpwW4ZfO23FgOE2odKR-QCFU8JwIAAABMUgAAAANoAQcKAKhwsn2sARa9YBvvjvTaYhRLJL022kbG9taut4CWQZiR74I7vaLoF8bUGktjAIp-cpJlwX1nyAH0nqzWwOXaw1RfiXByDIZDFdRGTvnLpHT4NgmMftr3QHtKD0hOOCEQQG6jY9zAn3FfpgvabqTDdYx4WuVvXTHPQFIcj-1clFI-fIxHLHoAokRyCluolrTH0QGTcpa7ktJ0h11bBu0ioItUPy3E77NPzUuZAp72XsWmuz-Ak7bMTPySG8I5j7yS3bGgekopifTj4tSwATmTTE3xojqcZ1KESTBUk94vji1xf-uHExEwyxtULPGFdUa6gDpFLm7zE0EuWoC54ifkmBTozTBPNwPYDN4XoXB2WVCGSTTysxsRH_cW1GcuJzvAoar840DAshTsmPCwouLfftlMXC9YGIxj2MItZzdCYxuMPraIOTnIyXHGC79hoQxhAScKTCQ1ZUQBtFEX0F5xGDN0U0xm0n8gtc62wB1sKpMlFbT0QyNB2_d7sTLob5kLu7CvWwbcA5HHzEYxmQdJJSGzYv4yaKNYzwDzocWb8HSVnO-nJqX69-znHATpxzc6o1gMPpyGsLQlVst7DnWMx-JdsCbzroHswoIsPw8OU_Td7igCJLlMxhkvFdqN0wBLYm7GrdzBP9bOI_0fp3kSxBgpLKF9j88MP3frCh1ATrtnCQXSB-QbDPu004pux1rQnvaqns6Y6uKdXbrD8aP3FoW6_5WdIX_IAOoBhwD8zdKLO1a9sQjKrFcOYA0Ilsrq5gGT_gX0JX9WwwJs45MaX99GaTyYQED4wSvFx8TUBvyf7VJNQl0U2yD18jrwAIinnEex5r7DKhh7aIi-7Cv6TSb5FqaM1Q7Y1yxfMVTijJRIk8M_zcQy5VE1SpCetPAawIOllmTtux3KAyTT47OqVajTsVCKIe_mj3zVhzjUtWi9ar_aIrcGkNKfTNXLbpYANxm2jiZ5NRMGmjrNtG613rIxQU7-nwTiAX-Z9oQSPKKkRwDbo7qze852Hnp6WkC5HWrBntkfePnuKARdW5f_w2dCm5BUKHLkv_y8HHfl5HQPueSanwak88qbG0ZqJ40cYaDeUnPerjdPErfJPT0fxijwJPbOD8eONLuL
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hitdu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

POST
H3 204 AGSKWxUc3mJOXHBsjKqTiO9xySr0EGQ66ZXyhAhTmDMJIu-WjEN8-Sby-m_vmLqW8daUBkDFPerNsjF7ASYocrAy9wiEydanczHlJ8Z9yCc2h-t9nGAvOlaRgv1yvpLssMiIn2W77Ud_2g== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 82ms
82ms XHR
text/html 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUc3mJOXHBsjKqTiO9xySr0EGQ66ZXyhAhTmDMJIu-WjEN8-Sby-m_vmLqW8daUBkDFPerNsjF7ASYocrAy9wiEydanczHlJ8Z9yCc2h-t9nGAvOlaRgv1yvpLssMiIn2W77Ud_2g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-A5ZJpH49GjMohIzvRqknag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.hitdu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 19 Jan 2023 03:12:24 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-A5ZJpH49GjMohIzvRqknag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.hitdu.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hitdu.com/	1970-01-20 18:37:37	Name: _ga_NB8SC61W82 Value: GS1.1.1674097941.1.0.1674097941.0.0.0
.hitdu.com/	1970-01-20 18:37:37	Name: _ga Value: GA1.2.1413326883.1674097941
.hitdu.com/	1970-01-20 09:03:04	Name: _gid Value: GA1.2.1466590602.1674097941
.hitdu.com/	1970-01-20 09:01:38	Name: _gat_gtag_UA_188465769_1 Value: 1
.hitdu.com/	1970-01-20 18:23:13	Name: __gads Value: ID=6f243659c01639e1-22f1c6dc54db002f:T=1674097942:RT=1674097942:S=ALNI_MZ4y_-P2oFQGGXFa5-wfi7DlgqThA
.hitdu.com/	1970-01-20 18:23:13	Name: __gpi Value: UID=00000ba4d626f08e:T=1674097942:RT=1674097942:S=ALNI_MbUSnqcijHz9L1_Qi1FQMDVbb-Isg
.doubleclick.net/	1970-01-20 18:23:13	Name: IDE Value: AHWqTUm7vyeo3rd9kfuvJPhok5dBBEM1Dm7wusoqA1G8WUiqwlWvS6ePaY5ABf9kEGc
.ctnsnet.com/	1970-01-20 17:47:13	Name: cid_00c3fd32d6ce45669c4261cdc3551d19 Value: 1
.ctnsnet.com/	1970-01-20 17:47:13	Name: gid_CAESENnpKdA5tEjiTBR8ExBqLYA Value: 1
.bidswitch.net/	1970-01-20 17:47:13	Name: c Value: 1674097943
.bidswitch.net/	1970-01-20 17:47:13	Name: tuuid_lu Value: 1674097943
.bidswitch.net/	1970-01-20 17:47:13	Name: tuuid Value: 258fa121-05ba-4dd7-9806-2bdac406fd6d
.ctnsnet.com/	1970-01-20 17:47:13	Name: cid_5ad4d58e0e484e1ba5de4f8f0f2fd111 Value: 1
.ctnsnet.com/	1970-01-20 17:47:13	Name: gid_CAESEA6oN82fJQFL6-gq6HnBQjo Value: 1
.pubmatic.com/	1970-01-20 09:03:04	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 17:47:13	Name: KADUSERCOOKIE Value: 2BEB4B21-CA42-4B47-88EC-444585573073
.doubleclick.net/	1970-01-20 09:01:41	Name: DSID Value: NO_DATA
.1rx.io/	1970-01-20 17:47:13	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-34d8ce2f-b216-498e-a3a7-7a7b784cfd6c-003%22%7D
.yahoo.com/	1970-01-20 17:47:35	Name: A3 Value: d=AQABBBe1yGMCEJg6wcZpsvchhkwMZOBpZ3kFEgEBAQEGymPSYwAAAAAA_eMAAA&S=AQAAAr6DIA7JJpKihdoWjTBnhmI
.targeting.unrulymedia.com/	1970-01-20 17:47:13	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-34d8ce2f-b216-498e-a3a7-7a7b784cfd6c-003%22%7D
.adnxs.com/	1970-01-20 11:11:13	Name: uuid2 Value: 7667360145678799815
.lijit.com/	1970-01-20 17:47:13	Name: ljt_reader Value: GAqAuGZHkkCLhfDlTDSO5c3L
.rfihub.com/	1970-01-20 18:23:13	Name: rud Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzMrUwNDI3MTcwNxXiM9TNcTUvTS13cqs0zUgGAAIdRk8lAAAA
.rfihub.com/	1970-01-20 18:23:13	Name: eud Value: H4sIAAAAAAAA_1vFwmtoZm5iYGluaWJsamAJAO88IMEQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzMrUwNDI3MTcwNxXiM9TNcTUvTS13cqs0zUgGAAIdRk8lAAAA
.turn.com/	1970-01-20 13:20:49	Name: uid Value: 3516212565262418191
.tribalfusion.com/	1970-01-20 11:11:13	Name: ANON_ID Value: a9nseFs2aF9pAJsbYLnL5xPOfCF4DkANG5WHdyZbc1s613KVKdgVrqS7Wdo6Y5mDZaOZbqRuHP1sc5RFtB4ykgZa
.awin1.com/	1970-01-20 09:05:57	Name: awpv11354 Value: 412871\|1674097943\|1825daa0-97a7-11ed-a520-22653408fd8a
www.conrad.de/	1970-01-20 09:08:49	Name: HTLP_timestamp Value: 1674097944
www.conrad.de/	1970-01-20 09:08:49	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 09:01:39	Name: __cf_bm Value: NocdZddNqulQ5LDJldK.H4o14SF_f.01RDLawAlq4yE-1674097944-0-Acm2nTWvCA3FtnwwwqQ0qMzCFFqYOKrys1lyr0T3ko/2Ci3jcMFoWLRyKFd8hOi4ntUMefzsfeG8b+X0V+9sbuM=
.awin1.com/	1970-01-20 09:11:42	Name: awpv11938 Value: 412871\|1674097944\|18406780-97a7-11ed-ad94-2233c4476c8a
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 367022:2542680
.congstar.de/	1970-01-20 09:11:46	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1674097944_18406780-97a7-11ed-ad94-2233c4476c8a%22%2C%22sp%22%3A%22awin%22%7D
.blau.de/	1970-01-20 09:11:42	Name: nscQ486 Value: V
.blau.de/	1970-01-20 09:11:42	Name: nscT486 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTI3MDAwMDAwMDA2MTY3NDA5Nzk0NHZsZWExZGUyMDIzMDExOTA0MTIyNDgwNjE1OTAxMTA3WDExMzc1MlYxMjI1MTMxMTA2TVN2aWV3b25laWRSNVhmZ2Y2UUZYMjdUa0h3SDN0UXRkZEFGd1R6VDdnczdvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoNDNfVG9wUm90YU1vbnRoMTEzNzUy
.blau.de/	1970-01-20 09:11:42	Name: webShopPV Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2023011904122480615901107X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&wfid=113752
.o2online.de/	1970-01-20 09:11:42	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 09:11:42	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTI3MDAwMDAwMDA2MTY3NDA5Nzk0NHZsZWExZGUyMDIzMDExOTA0MTIyNDgwNjE1OTAxMTA1WDEyMDIxMVYxMjI2MTMyNzAyTVN2aWV3b25laWQzYmdGcGYxNFVaclpVN0hySEF0RXQ5OTdmOFRXVFJlYWRvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoNDNfVG9wUm90YU1vbnRoMTIwMjEx
.o2online.de/	1970-01-20 09:11:42	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023011904122480615901105X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=120211&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTI3MDAwMDAwMDA2MTY3NDA5Nzk0NHZsZWExZGUyMDIzMDExOTA0MTIyNDgwNjE1OTAxMTA1WDEyMDIxMVYxMjI2MTMyNzAyT
.hitdu.com/	1970-01-20 17:47:13	Name: FCNEC Value: %5B%5B%22AKsRol8hZf5hoGfFrJYdHUvslBi-t6tcIDqYM8vN4l8nVXolI5U7oQu33uuCIAsQjWJyRcSTyefCmP5dBEvhI8ySuU7wBUcAsXBam_lIfXbey9-Kl_ysBe0s878rKCLDSsabJjZqvel659SNd_OYJJFZ5ZspkpT-HA%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ad4m.at
adservice.google.com
adservice.google.de
ap.lijit.com
as.ad4m.at
assets.ad4m.at
banner.congstar.de
cdn.ampproject.org
cdn.statically.io
cm.g.doubleclick.net
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
image6.pubmatic.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.blau.de
partner.googleadservices.com
partner.o2online.de
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
r.turn.com
region1.google-analytics.com
rtb.openx.net
s.ad.smaato.net
s.tribalfusion.com
secure.adnxs.com
ssbsync.smartadserver.com
static-de.ad4mat.net
stats.g.doubleclick.net
sync.1rx.io
sync.targeting.unrulymedia.com
sync.teads.tv
tpc.googlesyndication.com
www.awin1.com
www.conrad.de
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.hitdu.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
104.111.217.42
104.87.133.65
142.250.184.194
142.251.208.102
18.196.254.35
185.64.189.115
185.83.142.19
185.86.139.103
193.0.160.129
194.163.150.165
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
213.19.147.44
216.52.2.30
2600:1901:0:76b9::
2600:9000:211e:2e00:1b:5138:8a40:93a1
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700:20::ac43:444e
2606:4700::6812:18ad
2606:4700::6812:7e05
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:828::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200e
2a00:1450:400d:806::2002
2a00:1450:400d:806::200e
2a00:1450:400d:807::2002
2a00:1450:400d:808::2001
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::2003
2a00:1450:400d:80a::2004
2a00:1450:400d:80c::200a
2a00:1450:400d:80e::2002
2a00:1450:4025:401::9c
2a04:4e42:600::347
2a05:d018:d29:3601:8218:ef5f:5750:723c
35.186.193.173
35.227.252.103
46.4.62.19
51.38.120.206
84.200.5.215
87.118.116.9
005f556fdbe51787694dd69c6083c35ef4ec56722f8920aef5303d08a3c5b2f4
019b3768e45c01944ad699b50e214cee74cc06c4f817781be825f9825e46d230
0405c549d470e6b388d640fddf6615194b50ea21244f17d490a241bd3b4448a3
09a651aa448b478d93c9c490b1a3ce89ff65f39af76e9c65ab509f82e7120f42
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cc90ed5387678d00bc99ec760181eb80f30bb0597c65aa0a1f0289ae6a8d34e
11dbc0d42a9693917d51a2ffbf57920517ca9a9150644f6a3694373b846304ad
127b8c7558b2722619570b3021cb3cf59019f7b34e8db028744468bc66adda11
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
186708f70013c65750ea6626fe4463cf9ffd8b10c345c580a45e2840be4cb2e0
1b3f9e746fc9e16614032c323fe39cdb7e582c2ab0969945001f1c9370a911a1
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d20296e6e4095f1e284d820671a214c9bf89ae68599359c06e5447a9b980d57
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32
3bbc70c42e3c98edaf309b6945782b071a3d9c0b1688520824237e9263a8a965
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c
40156ccb25534e95d609a021bfa670603509df3198b65e87e30b4a5fda05e3ef
479acc77ce8c0a5bd6e5c752dfc599805874576239d0a4e536f453914a3b3697
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
497ab64139aea1bba561de10ef1878bd46a971d23bef7782c351aa758daf1cc4
4b9aa6c2331eff16eb21521d8acbe1f073bfce5c6a3a353b7f92c4b28bb6357c
4bdf1c3bbedc463278f628c032cd4a7b104ad140437170bebbfd7111d6fc8325
4c297fe565cf2ef4f88e28cbad91c2bcc919ab2df69d47e03e16bed6275b758e
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dab846e91cbe1bd7e01c3e4c83e2676cb9a9ca0bed18b8c0fc1cd16ab328112
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5109cc7862c350f8d920b8d08a0401fabc3bbd92b019b1561d0ebc458a5b1ae6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b6de495183440f6be045eced6fc0a6bb05c58c15a6d8b8dbd9aea34849cbc6
55c539b7c378ada3a217d999e8364ec8f1d83c0cbdd488dad4629feadd2b4253
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
597e3e07b8674ecbfd70d4fa5e2a19d68fdeb127461820a2b44768442f15c157
599f7884d948a4f89a14c99c86694037b9de229493c7189ec6a6979a6c4b9f9b
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61fa93bea8a4e2601112c3bf7e882b8139d14ecfc67625bce9838101472297dc
6354ccc791b48c39bd9dbd0ce7e8e92f6959043962f4826d10207a69dcc99658
66ce50d95c2f996ab9393a358f19b411b5dd482b3924b9cfadc719db9209c2fa
6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7fe9e616dec79e0c6e9f74ca7c448f6c624a28a499152edfd378c6acb644bc73
81228f9d03e59ee64d416dc876d6914f351b31f64eca3d206a8772d4e556db0d
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87aeac888d6f9093832d07b58f8588d146247b8decdc3615d50a46b352a1471f
8bda169ef240236d70dc7e9b6386c94a33ba3c544079bb5ca247384b892d66bf
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
9573570decf772301f833e2c392ee8176e8004cbd4483a0d58cbff535e51963f
96e1c06e34326474a76d1afca4b5c75e824e6608eea940a79c93f47131d9f791
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ffb4e69cdb69f1acaa77badc87f1b66e9db5837935807e18a2a2b6f20b5993d
a160e1ee49c25dca5ca1e50bd6522cf2ae6c9abb8c5ac0260da1b4029af43552
a1d1651c19cfdd91386b3bd3e362a0ecf2636d6e6feb85b79fc763616b144020
a1e3eab7d37819d5a9f704b96dfdaacafad95ca08eed7468e1d810a86ea602e5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b67fe64923a586061ca8b4ee5086f981d05f483f4a1bd87f6ccecb8570f8dffd
b6e075b15a6f55767631a2146e95c41b2628e6000eb2782ecabfacdf80d97019
bae0fc54af74296da4554354c1ba6a6c2a41c1fadb2c320cd99911c95e195c7c
c06114343d27abeac82f3a448721e9bf5244a585c72948e3b4425fd4cb531d25
c06ca462e459720f2606741541e8c87eef7937fe41722cfef47ed14057bb670a
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c554dcbba1de28d99aa7bdc2070d021ee65987f1942961cd57742358400145ba
c73152a3a3d397dba4196e9c577bcc6b59252f76dacf0c4186bb41613769b1fd
c87f0830b37e1408eefc411503b1b1388abf6130ee5770df02412842e68d1011
c8da092d0b73c8ff6140036adbb9cc831f8e027d723799628c92591d04572f4f
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cd7ccad7850a8f186ed43d9f0f46ee1eb2c42a05073ea615ee64c147abc710b6
cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c
d2828041d96dad7b3df90638e5eae34bd0ba677140015751a7c5c76d49f6204c
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d9844dbef09c9f608570bed196bc2722932f11c0c44d5ea81635b13964889077
da18ca5c0fcbb13b7cbcc303389199c34093913017249f2a8ba9a2f27049890a
daf99211008f6684b4aaa4daafa6832cf05ccd99f5910f48f6467a5c1ea08197
dc78d0ae04e90f166274e27a8af76d6a676cbf360f682f3993ef4b453ee5d598
e3712fe8a75c65747b2404a3eb92c8ebe40dc094b616d896d280237e46e16ec0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5f2af3a89d680a42e7ea2d7117aeb2f4738a433c081e1d6172b87d267249649
f0752956e808258ea2e83c25ea3a9a75e750da1aae9ee38b3977ffc3008d7361
f24d08dc3e7375bf06acd5d78734fb39af8b084fb6c792cbfe116b1ee0c8468f
f26ccd4e8b025d912f8fc717147c83f61888ade088fb1b2c62f67537e6e4cb46
f3b5a87f90aacaf68f022665d25df4a0776cbe7f32b8cec68a2babec7d2f19e7
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
fc213583456c1888933a2b8944e3437549f408d2f83d3678846be51227d67893
fe1d5c775724cb772b3dce8e8e92334f884cf5d0a5a3d3266b39fe4cc0a2fa0c
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

www.hitdu.com Open in urlscan Pro 194.163.150.165 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

179 Requests

75 %HTTPS

60 %IPv6

38 Domains

51 Subdomains

33 IPs

7 Countries

2188 kBTransfer

4516 kBSize

41 Cookies

2 Outgoing links

Redirected requests

179 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

www.hitdu.com Open in urlscan Pro
194.163.150.165 Public Scan

Screenshot
Live screenshot

Full Image

179
Requests

75 %
HTTPS

60 %
IPv6

38
Domains

51
Subdomains

33
IPs

7
Countries

2188 kB
Transfer

4516 kB
Size

41
Cookies

179 HTTP transactions
4 data transactions